POS Resellers To Clients: You're Just As Vulnerable As The Big Retailers


The massive data breach impacting Target and Neiman Marcus has increased the focus on malware designed to steal data from the memory of point-of-sale systems. But experts who sell the software and computer systems say internal threats, not external hackers, top their clients' biggest concerns.

Neiman Marcus last week warned that more than 1 million credit and debit cards were exposed following a breach of its systems. And on Saturday arts-and-crafts retailer Michaels Stores revealed that it was investigating a potential breach at its locations.

An FBI memo obtained by Reuters reportedly warned executives at retail firms to expect more breaches, following what appears to be a similar technique repeated against merchant systems.

The spyware uncovered by forensics investigators in the attack on Target collects credit and debit card data, storing the information into a Windows file and uploading it to a local computer inside the retailer's network once every seven hours. To appear like routine network traffic, the malware is programmed to only upload the files during typical work hours from 10 a.m. to 5 p.m. A second spyware program uploads files to File Transfer Protocol (FTP) sites controlled by the cybercriminals.

[Related: Massive Target Breach Puts Spotlight On PCI Complexity
]

Despite high-profile breaches stemming from attacks carried out by financially motivated cybercriminals in Russia, Eastern Europe and China, smaller retailers are more worried about theft carried out by their own employees, said Jacob Bilton, sales manager at Value Systems, a Myrtle Beach, S.C., point-of-sale reseller. The company has more than 120 customers, mainly restaurants, cafes and small independent retail stores that have a maximum of three systems that support payment system software, Bilton said.

Cybercriminals target large organizations because there is a greater potential to make money, he said. Independent retailers with a single store and small restaurant and cafe owners believe they don't do enough transactions to make them a target, he said.

"Everyone is now well aware that hackers have found a way around the protections in place and they're repeating the process at other stores," Bilton said. "Hackers go after big-box stores because they are easier targets than to attack a local restaurant or independent store owner."

NEXT: Smaller Retailers, Hotel, Restaurant Franchises Targeted Most