Point-of-sale (PoS) systems that process debit and credit cards are being increasingly targeted with a wide range of malware, much of which has become highly sophisticated.
Those are the findings of research undertaken by security firm Arbor Networks, which claims that threats to the systems have evolved from opportunistic attacks involving card data theft to memory stealing PoS botnets with centralised command and control. Most recently, these have matured further, to become highly targeted attacks that require lateral movement and custom malware to fit in with the target organisation.
“While contemporary PoS attackers are still successful in using older tools and methodologies that continue to bring results due to poor security, the more ambitious threat actors have moved rapidly, penetrating organisational defences with targeted attack campaigns,” the company wrote in a blog.
And some of these more sophisticated attacks are going undetected for weeks, Arbor Networks said. Even where an organisation has a security team and well-managed network infrastructure, PoS compromises have proliferated for months prior to detection, the firm said.
“If attackers are able to launch long-running campaigns in such enterprise retail environments, one can conclude that many other organisations with less mature network and infrastructure management are also at serious risk,” it said.
Arbor Networks is currently tracking PoS malware such as Dexter, Project Hook, Alina, Chewbacca, Vskimmer and JackPoS.
PoS malware has been put under the spotlight since US retailer Target revealed that its PoS systems had been infected. The data breach resulting from the infection could have affected up to 110 million US citizens. Since the breach came to light, the company’s CIO Beth Jacob and CEO Gregg Steinhafel have both resigned.