Essential Guide


Understanding and responding to POS malware

Attention-grabbing headlines make clear the problems point-of-sale malware can cause. This essential guide takes a close look at the threat, what happens when POS malware attacks and what security pros can do about it.


Starting in 2013, attacks on the point-of-sale systems of major retailers like Staples, Target and Neiman Marcus made us painfully aware of the threat that POS malware poses. Retailers like these held caches of immensely valuable data, including credit card numbers and personally identifiable information (PII). And hackers got a hold of it.

This guide explores the nature of the threat, primarily by reviewing the story of the point-of-sale malware breaches of the past year. It examines the damage done and also proposes strategies that retailers and security pros can use to prevent the next POS malware disaster.


Warning: Point-of-sale systems are targets

Since mid-2014, the U.S. federal government has been warning against, and monitoring, a type of malware that targets point-of-sale systems. One of the major threats is Backoff; another is called BlackPOS, also known as Kaptoxa. (Pronounced kar-tosh-a, the Russian word for potato; reports indicate it contains some Russian code.) POS malware breached systems of major retailers and stole hundreds of thousands of credit card numbers and other personal data. This segment of our guide reviews the breach stories, from the initial warning of the threat to the revelation of the damage done. Backoff, and all POS malware, pose an immense threat to the security of financial and other sensitive data; these articles, focused on the U.S. government's warnings and other informational releases, make clear the extent of the threat.


POS security weaknesses lead to retail breaches

Though the Target and Neiman Marcus data breaches alarm consumers, experts say there are so many POS weaknesses that, from a security perspective, it's surprising there aren't more break-ins. Why is POS so vulnerable? There are several factors, but there are also ways to improve security.


Windows XP end-of-life means POS security and PCI compliance issues

Windows XP end-of-life may make PCI compliance difficult for merchants who don't solve the security weaknesses of XP-based POS systems.


Hackers grab 1.16 million cards in 1,400 Staples stores

An October 2014 data breach at the office-supply retailer ultimately compromised the numbers and other transaction data of 1.16 million credit cards, and POS malware seems to have infected systems of the majority of Staples stores.


POS systems offer data collection opportunity

Oracle acquired Micros Systems, a seller of POS software nationwide. Why? It seems the opportunity to collect data for analysis is a key draw.


The nature of the POS malware beast today

As 2014 ended and 2015 began, experts began assessing the nature of the threat POS malware poses now, and noticed some interesting characteristics and recent changes. For instance, while the number of attacks may be dropping, they are just as deadly to retailers. The time lag between attack and detection (not to mention alerting the consumer) is a source of danger, too.


Fewer attacks, greater damage

Early assessments for the end of 2014 suggest cybercriminals are attacking less but stealing more data from retailers, using POS malware and other methods.


Backoff POS malware remains a favored means of attack

While the number of attacks overall may be decreasing, Backoff malware is proving popular with hackers.


Detecting an attack can take months

Reports of a malware attack on Chick-fil-A show that breaches can go unnoticed and unreported for months … or longer.


BlackPOS another malware threat to watch, Home Depot attack shows

While Backoff malware has been getting the most press, there are other variants of POS malware that retailers need to watch for.


Defending a POS system

POS systems are everywhere, and hackers are too -- and they are determined to get to the valuable data those systems contain. Is there no hope? It's a tough security issue but there are things professionals in the security field, and retail system managers, can do to make it tougher for the bad guys and, with luck, keep them out altogether. This section walks through how to create the most secure point-of-sale system and network possible.


Security is fundamental -- but hard to grasp

POS malware, phishing scams and other breaches are hardly new to corporations -- but the breaches keep happening. Why?


POS breaches offer security lessons

Massive malware attacks on point-of-sale systems have compromised some of the world's largest retailers. But there are lessons for desktop admins to learn from these events.


Worried about POS malware? Whitelisting to the rescue

With whitelisting technology, point-of-sale connections can be made safe(r) from the threat of POS malware.


POS security: Is there a definitive defense yet?

Is there really any way yet to make POS completely secure? At Black Hat USA, an expert demonstrates how the latest attacks work.


POS terms to know

To grasp the threat and the solution to malware targeting point-of-sale systems, it helps to know the terminology. Check out this system for the key POS terms in use now.
