Backoff Malware Is Spreading in Retail Systems
By Shirley Siluk / CRM Daily
Published: October 24, 2014

With enterprises now averaging more than three dozen infected IT devices daily and attacks by point-of-sale (POS) malware like Backoff rising by double digits, companies today need to "operate under the assumption they are in a state of continuous breach." That's one of the findings from enterprise security firm Damballa's "Q3 State of Infections Report," released today.

During the third quarter of this year, global ISPs and enterprise customers saw a 32 percent increase in IT security events compared to the second quarter, according to the report from the Atlanta-based company. In particular, infections of the Backoff malware blamed for high-profile breaches at Target, Dairy Queen, Home Depot and Kmart rose by 57 percent between August and September, according to Damballa, while attacks in September alone rose by 27 percent.

A growing awareness about such threats, however, has paid off for the most proactive companies, the report found. In fact, the daily infection rates dropped by 40 percent in the third quarter for businesses using automatic incident detection.

A Mindset of 'Continuous Response'

"Most POS malware attacks are advanced threats," the Damballa report stated. "The adversaries are persistent, stealthy and highly targeted in their efforts. As such, they can bypass prevention controls like anti-virus, firewalls, IPS and most sandboxing tools."

When it comes to point-of-sale devices, organizations need to assume simply that "prevention won't work," the report warned.

"[P]revention can't keep up with constantly morphing malware because binaries change on a daily basis," the report stated. "Once a device is infected, the malware evolves. It is periodically updated and repackaged. A new malware binary is created. Criminals do this to stay one step ahead of signature-based prevention."

The best response is for businesses to adopt a mindset of 'continuous response,' the report concluded. "Assume you will be compromised and be ready to remediate."

ISPs at 'Ground Zero' for Security

We reached out to Damballa CTO Brian Foster to learn more about the report's findings, and what they mean for businesses.

"Resource-rich, large enterprises, in theory, should have better control over network security devices and users," Foster said. "However, it is possible for SMBs (small- and medium-size businesses) to achieve proactive breach detection. Their best response is to drive demand for better security through their ISP. ISPs are at ground zero for security. There are ISPs today that offer subscriber notification and remediation when malware is detected on their device."

When asked whether new mobile payment systems like Apple Pay might help eliminate some of today's IT security concerns, Foster said, "We always say there is no silver bullet but you can continually improve your security posture."

"Enterprises that conduct payment transactions need to shift focus from trying to stop malware attacks from getting in, because motivated criminals will always find a way in, to detecting breaches early, before there is damage," he added. "Mobile payment methods seem to offer promise but not enough is known yet so the jury is still out on long-term security effectiveness."

For consumers, this means "don’t view security as a given, regardless of who you are handing your credit card to. Be aware, check your monthly card statements, sign up for credit monitoring, etc.," he said.

Ulf Mattsson, CTO:
Posted: 2014-10-24 @ 11:52am PT
I agree that "Most POS malware attacks are advanced threats," and "The adversaries are persistent, stealthy and highly targeted in their efforts. As such, they can bypass prevention controls like anti-virus, firewalls, IPS and most sandboxing tools." Even if the malware is detected, it could be hard to notice in the noise of malware detection systems. This is illustrated by the attack on Target last year.

We have seen that monitoring cannot catch the bad guys until it is too late, and this picture is unfortunately not improving, according to Verizon. The Verizon 2013 and 2014 reports concluded that less than 14% of breaches are detected by internal security tools. Detection by external third-party entities unfortunately increased from approximately 10% to 25% during the last three years. Specifically, notification by law enforcement increased from around 25% to 33% during the last three years.

Advancements in big data security analytics may help over time, but we don't have time to wait.

The attackers are increasingly focused on stealing our sensitive data and will always look for the next path to attack the data. So we urgently need to secure the sensitive data itself with modern data security approaches.

The good news is that analyst studies have shown that users of data tokenization experience up to 50% fewer security-related incidents (e.g., unauthorized access, data loss, or data exposure) than non-users.

Ulf Mattsson, CTO Protegrity
