Recycle and Destroy Obsolete POS Systems to Limit Vulnerability to Botnets
Research from security analysis firm Trend Micro has highlighted a new strain of POS systems malware called BlackPOS. The malware seeks out POS systems within networks and uses the Gorynych/Diamond Fox botnet to exfiltrate stolen data. Trend Micro analysts found that the malware has already infiltrated small and medium-sized business networks around the globe, and continues to spread.
To launch the attacks, cybercriminals use penetration testing tools to gather information about their target networks. Then the criminals use another set of tools to penetrate these networks. The attack makes use of the Windows Background Intelligent Transfer Service (BITS), which can be used to exchange files with Microsoft. BITS is typically used to download system updates.
To combat this threat, the researchers advise that network defense personnel strengthen their password protection policies and log activities such as port scanning, vulnerability scanning, and brute-force attack attempts. Additionally, IT administrators should keep current on known POS malware and make themselves aware of indicators-of-compromise lists that can help mitigate these threats.
It’s also crucial that companies keep an accurate inventory of their hardware and software so that they can keep aging and unsupported assets out of their networks. The longer a device is around, the more time cybercriminals have to find and exploit hardware and software vulnerabilities. For instance, out-of-date Windows Embedded operating systems have recently put thousands of ATMs at risk of breach in the UK.
Contact Avritek today if your company needs help inventorying or off-loading its POS systems and ATMs, as well as any other type of technology hardware.