New 'Backoff' Malware Slips Undetected into Retail Systems
By Shirley Siluk / NewsFactor Network
Published: July 31, 2014

'Malicious actors' are using a new variety of malware to access consumer payment data remotely through point-of-sale (PoS) systems, according to a new report released Thursday by the U.S. Department of Homeland Security (DHS).

The "Backoff" malware takes advantage of applications like Microsoft's Remote Desktop and Apple Remote Desktop that let remote users -- telecommuting employees or independent contractors, for example -- connect with a company's in-house computer network. Hackers are employing the malware to connect with PoS systems operated by retailers and other businesses, then using brute force to log into those systems remotely.

"At the time of discovery and analysis, the malware variants had low to zero percent anti-virus detection rates, which means that fully updated anti-virus engines on fully patched computers could not identify the malware as malicious," said the DHS report, which was prepared with the help of the National Cybersecurity and Communications Integration Center; the U.S. Secret Service; the Financial Services Information Sharing and Analysis Center; and Trustwave, a Chicago-based cyber-security company.

Malware Criminals Not 'Sitting Still'

The first variants of the Backoff malware were detected in October 2013, and several new versions have been identified since then, according to the DHS report. The malware has been connected to at least three separate cyberattacks, although the agency did not identify the organizations that were affected.

We reached out to Karl Sigler, manager of threat security at Trustwave, to learn more about Backoff and what organizations can do to protect themselves from such malware attacks.

"It's completely new malware," Sigler told us. "Nobody has seen it before."

In addition to being difficult to detect, new variations of Backoff have continued to emerge, the most recent one being identified in May.

"The criminals out there don't sit still," Sigler said.

Constant Vigilance, Best Practices

While Backoff attacks up until now have been all but undetectable, with the public release of the DHS report and details about the malware's "indicators of compromise," anti-virus software companies are "no doubt" now working to develop protection against the new threat, Sigler said.

In the meantime, he added, retailers and other businesses that want to protect themselves from attacks should be sure to follow the best practices that are regularly recommended by cyber security professionals: use strong passwords, take advantage of two-factor authentication and closely monitor network activity to watch for unusual traffic patterns or strange IP addresses.

Consumers should take similar precautions, said Thomas Holt, associate professor with the School of Criminal Justice at Michigan State University. They should, for example, use a secure home computer to regularly check their bank and payment statements so they can spot problems as soon as possible.

Continual vigilance is the best defense, Sigler said. Retailers and other businesses, whether they're large or small, can't simply assume that vendor-provided PoS systems automatically provide state-of-the-art security.

"Generally, security takes a back seat" in such systems, Sigler said.

TheSource49:
Posted: 2014-08-01 @ 10:58am PT
Interesting article, best practices in Cyber Security are often hard to identify, I would encourage you to read how companies like OPSWAT are advancing multi-scanning applications to the front lines.
