How Can A Hacker Breach a POS System?

Data breaches have risen 27.5 percent in the United States this year. One reason is that electronic payments now outnumber cash transactions. Hackers have taken notice, and the number of POS system breaches making the headlines has grown as a result. Two of the top hacks that made the headlines were Home Depot and Target. Both networks were easy targets because they used outdated network technology, which left them vulnerable.

How Do Hackers Attack a POS, and What Do They Look For?

The hackers' first line of attack is a broad-based attack using a watering hole

A group of hackers that specialized in compromising machines and launching malware attacks breached the Home Depot network. This form of attack is known as a watering hole attack. The hacker team compromised popular websites and installed an “exploit kit” on each site that targeted browser vulnerabilities. When users visited the website, their browsers were compromised as well.

The second phase of an attack is a first-level analysis of the compromised systems

After the initial exploit kit attack, the hackers look at what types of systems they have gained access to. They look at the software installed on each machine and its IP address. They are also interested in the email address of the user. Hackers perform this analysis to see what assets the “net” of their broad-based attack has caught.

Hackers now identify all viable targets

After reviewing the assets obtained from the first-level attack, the hackers search their catch for all viable targets, looking for any major or minor retailers. They then select the biggest retailer in the catch and start working towards their objective: how can they compromise the corresponding POS terminals?

Hackers now plan and pivot their attack

After the broad-based attack, the hackers start working from the initial point of compromise and pivot onto the corporate network. They perform reconnaissance on the network to identify the machines they can access. Afterwards, they start executing their attack from the systems they have gained access to.

Once hackers have found the vulnerabilities, they move to their objectives

After the hackers have gained access to the network, they start to identify ways to reach the POS terminals. Unfortunately, Target had a relatively open network, which made it easy for hackers to attack. The hackers then target the known vulnerabilities in the system and install memory-scraping malware. The malware then goes to work harvesting credit card information.

The critical last step is to move the harvested information to a new location

The hackers' last step is to take the harvested credit card information and move it off the POS terminals to another location. In Target’s case, this data was moved to an FTP server in Eastern Europe. Once the data is at the new location, the hackers can start to sell the information on the black market.
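The pivot and exfiltration steps above both show up as POS terminals talking to hosts they have no business reason to reach. The following detection sketch is an added example, not part of the original article: it checks flow records against a per-terminal allowlist, and the subnets, allowed destinations, log format and sample records are all constructed assumptions.

```python
import ipaddress

# Assumed addressing, for illustration only (not from the article).
POS_SUBNET = ipaddress.ip_network("10.20.0.0/24")   # POS terminals
INTERNAL = ipaddress.ip_network("10.0.0.0/8")       # corporate address space
# The only (destination, port) pairs a terminal legitimately needs.
ALLOWED = {("10.10.5.10", 443),    # hypothetical payment gateway
           ("10.10.5.20", 8530)}   # hypothetical patch server
FTP_PORTS = {20, 21}

# Constructed flow records: timestamp src dst dst_port bytes_out
SAMPLE_FLOWS = """\
2024-01-01T02:00:01 10.20.0.15 10.10.5.10 443 5120
2024-01-01T02:00:07 10.20.0.15 10.20.0.99 445 88213
2024-01-01T02:05:00 10.20.0.99 203.0.113.50 21 10485760
2024-01-01T02:06:00 10.30.1.4 198.51.100.7 443 2048
"""

def find_violations(flow_text):
    """Return flows from POS terminals to destinations not on the allowlist."""
    alerts = []
    for line in flow_text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue                      # skip malformed records
        ts, src, dst, dport, nbytes = fields
        try:
            src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
            port, size = int(dport), int(nbytes)
        except ValueError:
            continue                      # skip unparsable addresses or numbers
        if src_ip not in POS_SUBNET or (str(dst_ip), port) in ALLOWED:
            continue                      # not a terminal, or expected traffic
        # Anything else from a terminal is a policy violation worth an alert.
        reason = "internal-unlisted" if dst_ip in INTERNAL else "external-egress"
        if port in FTP_PORTS:
            reason += "+ftp"
        alerts.append((ts, src, dst, port, size, reason))
    return alerts

if __name__ == "__main__":
    for alert in find_violations(SAMPLE_FLOWS):
        print(alert)
```

The same allowlist expressed as firewall rules on the POS segment turns these alerts into blocked connections, which is the control a relatively open network lacks.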
