The exposure of more than 40 million debit and credit card numbers at Target stores over the Thanksgiving holiday is a frightening testament to how sophisticated hackers have become at attacking point-of-sale (POS) systems used in retail stores and restaurants to process consumers’ credit and debit card payments.
Hackers target POS systems because they’re easily exploited to obtain credit card and PINs for sale on the black market. POS systems are IP devices and servers that scan, process and store credit card information. Hackers are able to obtain information from both POS devices and the operating systems they run on. They use that data to develop malware and botnets to gather credit card information from thousands of POS systems, as reported by IntelCrawler.
This ability of the hackers to become intimately familiar with POS systems allows them to understand and exploit a specific POS system’s vulnerabilities. In many POS breaches, it is believed that hackers can gain access to POS devices and servers by penetrating the administrative accounts used to manage the systems.
Once hackers secure administrative control, they are able to infect POS devices and servers with the malware or botnets that forward debit and credit card information back to a command-and-control server from which it is then sold on the black market.
The Target breach, the second-largest hack at a U.S. retailer, took place over a 19-day period, from Nov. 27 to Dec. 15. Consumers who shopped at stores across the country during that time are a risk of identity theft.
To protect yourself against debit and credit card fraud it is recommended that you use cash or a credit card when making a purchase. Be sure to check statements for fraudulent charges. Financial institutions that issue credit cards typically will refund any fraudulent charges against an account.
Mark McCurley is Information Security Officer at CyberScout Consulting.