Since the point-of-sale malware Backoff was discovered on so many businesses -- more than 1,000, according to the U.S. government -- the PCI SSC is strongly suggesting security teams take steps to prevent it. What should my company be doing to stop Backoff?
During the summer of 2014, the U.S. Department of Homeland Security issued several warnings to retailers about the Backoff malware, which it estimated had affected over 1,000 businesses in the United States. The rise of Backoff malware comes in the midst of several high-profile security breaches that affected national retailers like Home Depot, Target and others.
If a company operates a retail environment, it is already well-acquainted with PCI DSS. The good news is that, if the organization is currently PCI-compliant, it is probably also protected against Backoff. PCI DSS requires organizations to install antivirus software on "all systems commonly affected by malicious software" and to keep antivirus signatures current.
The major antivirus software vendors have already issued signatures for Backoff and its variants. If a company runs current software, it's reasonable to assume its systems are protected. This is, however, a good opportunity to verify the software is installed and up to date on all systems within the cardholder data environment. It is also a good idea to manually check scan results to ensure all systems are checking in as expected and that there is no sign of Backoff on the company network.
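One way to carry out the verification described above is to reconcile the cardholder data environment inventory against an export from the antivirus console. The following is an added example, not part of the original answer; the hostnames, CSV column names, sample data and age thresholds are all constructed assumptions, not any vendor's actual export format.

```python
import csv
import io
from datetime import datetime, timedelta

# Constructed sample data: CDE asset inventory and an AV console export.
CDE_INVENTORY = ["pos-01", "pos-02", "pos-03", "pos-04", "backoffice-01"]

AV_EXPORT_CSV = """hostname,agent_installed,signature_date,last_checkin,last_scan_detections
pos-01,yes,2014-09-14,2014-09-15T08:00:00,0
pos-02,yes,2014-08-01,2014-09-15T07:30:00,0
pos-03,yes,2014-09-14,2014-09-02T23:10:00,0
backoffice-01,yes,2014-09-14,2014-09-15T06:45:00,1
"""

MAX_SIGNATURE_AGE = timedelta(days=3)  # assumed policy threshold
MAX_CHECKIN_AGE = timedelta(days=1)    # assumed policy threshold


def audit_av_coverage(inventory, export_csv, now):
    """Return {hostname: [findings]} for every CDE host with a coverage gap."""
    rows = {r["hostname"].strip().lower(): r
            for r in csv.DictReader(io.StringIO(export_csv))}
    findings = {}
    for host in inventory:
        issues = []
        row = rows.get(host.lower())
        if row is None:
            # In the inventory but unknown to the console: no agent or never enrolled.
            issues.append("not reporting to AV console")
        else:
            if row["agent_installed"].strip().lower() != "yes":
                issues.append("agent not installed")
            sig = datetime.strptime(row["signature_date"], "%Y-%m-%d")
            if now - sig > MAX_SIGNATURE_AGE:
                issues.append("signatures out of date")
            seen = datetime.strptime(row["last_checkin"], "%Y-%m-%dT%H:%M:%S")
            if now - seen > MAX_CHECKIN_AGE:
                issues.append("stale check-in")
            if int(row["last_scan_detections"]) > 0:
                issues.append("detections in last scan need review")
        if issues:
            findings[host] = issues
    return findings


if __name__ == "__main__":
    report = audit_av_coverage(CDE_INVENTORY, AV_EXPORT_CSV, datetime(2014, 9, 15, 12, 0))
    for host, issues in sorted(report.items()):
        print(f"{host}: {'; '.join(issues)}")
```

Hosts that appear in the inventory but not in the export are the ones most easily missed when only the console's own dashboard is reviewed.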