The Federal Bureau of Investigation (FBI) has warned U.S. retailers to be on the lookout for more cyber attacks. They’ve discovered about 20 hacking cases using the same type of malicious software that was used against the Target Corporation over the holiday season. They are warning that preparations should be made because they strongly believe they will strike again.
The FBI issued a confidential report last week to retailers detailing the threats posed by “memory-parsing” harmful software that infects point-of-sale (POS) systems. These include credit-card swiping machines and cash registers found inside store checkout aisles.
The report from the FBI stated that they believe this malware crime will continue to increase when using POS systems despite security firms and law enforcement’s actions to alleviate it. This type of financially motivated cyber crime is attractive to a wide range of people. The affordability of the software, accessibility of the malware on underground forums and the potential profits that can be made from retail POS system in the U.S. is enticing.
A spokeswoman for the FBI confirmed the January 17 report was issued by the agency. This report titled, Recent Cyber Intrusion Events Directed Toward Retail Firms is a part of the FBI’s attempt to share information about threats with the private sector.
Target Corp is the number three U.S. retailer in the United States and the attack they suffered last month was one of the largest in retail cyber attack’s history. This breach caused credit card, bank industry and retail executives to be increasingly concerned about the security of their payment card networks.
The attack against Target Corp went on for 19 days before it was even detected. The result was about $40 million in debit and credit card records. The string of cyber crime also compromised the personal information of 70 million customers.
Other retail chains have also been victimized by these up and coming cyber attack criminals. Neiman Marcus said nearly 1.1 million customer cards were exposed, from July 16 to October 30 2013, by a data breach.
One consultant who didn’t have the authority to comment publicly about the information contained in the report said the report is based on statistical data that the FBI continues to see. Retailers have been advised to hurry and get better tools in their networks that are able to identify any unusual activity and analyze traffic patterns quickly.
An expert in retail security said that it is harder for small to mid-sized retailers because they simply don’t have the finances or expertise as the major retailers have. Currently the bulk of POS malware cases that have been investigated by the FBI are these small to mid-sized businesses. Their losses each are estimated from tens of thousands to millions of dollars.
The memory-parsing software that the cyber criminals have used in these attacks is also known as a “RAM scraper.” After a customer swipes their card the POS terminal snags the transaction information from the card’s magnetic stripe and transfers it to the payment processing provider for the retailer. Data is encrypted during the transfer process but the RAM scrapers swipe the information quickly while it is still in the live memory bank of the computer. While the data is there it will very briefly appear in plain text.
RAM scraping technology is not new but the malware developers have enhanced its features causing it to become more difficult for anti-virus software to detect it. It is especially harder for POS systems that are running Windows software to identify it.
This malware is selling at a fast pace in underground markets. Alina is the name of one variant of the malicious POS software and it includes an option for remote upgrades. This makes it more difficult for corporate security teams to recognize or eliminate it. FBI reports that in a “well-known” underground environment at least one type of this “memory-parsing” malware is selling for as much as $6,000.
According to the report, “The high dollar values achieved from many of the compromises are encouraging intruders to incorporate systems that allow the thieves to remain undetected and to develop highly sophisticated methodologies.”
After reviewing the FBI report one expert in cyber security said, “This is troubling.”
Tom Litchford, National Retail Federation Vice President, responded to the report by stating retailers have been vigilant in their efforts to render the highest level of security for the data systems and will remain watchful in order to protect against these malicious criminal acts. As the criminal investigations continue allowing more information to be released people can be assured that the retail industry is engaged and will be responsive to make sure that this particular cyber-attack does not recur.
The FBI has warned U.S. retailers to make preparations for more cyber attacks. They issued a report consisting of three pages detailing potential risks and warnings. This means the consumer should also be concerned and hands-on with their finances as well as their financial institutions.
By: Cherese Jackson (Virginia)