The bull’s eye for cyber criminals: PoS Systems

Point of Sale (Pos) systems that take payments for goods and services for the hospitality and retail industries really serve as the point-of-strike for cyber criminals stealing credit card information.

Applebee’s, a popular restaurant chain, is the latest to find malware on their PoS systems that infected more than 160 restaurants across the United States. The malware was designed to secure names, credit or debit card numbers, expiration dates, and card verification codes.

Applebee’s is not alone in this predicament. Other companies have suffered the same indignities through their PoS systems, and the trend will continue.


Cybercriminals have scoured the computer systems for the hospitality and retail industries and found an easy way into the store network through the PoS workstation. This part of the system doesn’t check when someone has approved access to perform critical functions, as discovered by researchers at ERPScan. The red cloak is raised, and cybercriminals just need to connect a $25 (£17) Raspberry Pi to the network to upload malicious code to come charging into the network.

Malicious software like PoSeidon, Alina, vSkimmer, Dexter, and FYSNA are uploaded to gather credit card information and send it back to the cyber criminal’s server. Another kind of point-of-sale malware discovered by researchers at Forcepoint hides inside DNS requests to steal credit card data. This UDPoS hides in a DNS request to steal credit card data, which makes it a little more stealth and harder to detect.

The other opening for cyber criminals is third-party suppliers that subcontract with restaurants and retailers. Those organizations, in turn, hire other companies creating a long chain of providers that handle sensitive data. It is in this chain that credit card information is potentially exposed.

Corralling ‘the bull’

The only way to combat this barrage of cyberattacks is to continuously monitor PoS devices and install patches regularly. In the case of the Forever 21 PoS breach, for example, the fraudsters took advantage of some PoS devices that were not updated with the latest security.

Neutralizing the credit card information after a breach is another way to combat fraudulent transactions. Restaurants, retailers, and other companies offering services in the card-not-present (CNP) channel need to identify customers by means that don’t rely on the – potentially stolen – static data. By analysing the user’s online behaviour through hundreds of other identifiers that hackers can’t imitate or steal, the stolen data is not useful anymore.

Multi-layered security solutions that include passive biometrics and behavioural analytics allow vendors to protect customers whose data was stolen while avoiding fraud from happening in their environment.

NuData Security is an award-winning passive biometrics and behavioral analytics company. Our flagship product, NuDetect, helps companies identify users based on their online interactions – behavior that can’t be mimicked or replicated by a third party.

Back to top button

Please disable your ad-blocker to continue

Ads are the primary way in which publishers generate the revenue needed to pay their staff. If we can't serve ads, we can't pay journalists to write the news.