Recently the threat from ransomware has been grabbing most of the media headlines but what is often forgotten is that malware remains very much alive and active in the point of sale (POS) environment. Its target is retailers and hotel chains as well as small businesses who remain the ideal focus because they often operate on less secure platforms or infrastructure.
Experts are highlighting a malware product known as RawPOS, which first found its roots back in 2008 and appears to still be showing signs of life almost ten years on. Just like a biological virus, RawPOS has developed into a new version of itself, although its behaviour is much unchanged. Typically, the malware will lay dormant for a year or more before the data is withdrawn and then sold on. This means that significant breaches can remain undetected for months or even years. It’s a scary but ruthlessly effective strategy.
RawPOS is a Windows-based malware that targets card payment data and has particularly hurt the hospitality industry over the last decade. It is also responsible for some of the effective and generally devastating card breaches that have become regular news features of late.
Trawling through the more technical press will reveal countless articles on RawPOS and the impact it has had on industry. Last year, card issuer Visa started sending alerts to the hotel sector, warning that they were being targeted, although it wasn’t an exclusive attack. Retailers were certainly not immune either.
So, as a POS user, what should you be looking out for?
This new variant of RawPOS was first discovered at the start of this year but because the developers have removed code rather than adding it, they have taken the smart approach of bypassing cybersecurity defences because most protection systems only know how to stop threats built with a specific code. If that code is amended, then it effectively acts as a cloaking mechanism.
The only way to truly and successfully combat this threat is to ensure that any anti-virus products deployed on the POS remain up to date. Keep checking your environment and ensure that any updates you need to apply are made immediately and then tested.
Years ago, theft was an entirely physical action. Today the digital landscape offers more opportunity for undetected crime. The stakes are higher, the criminal rewards far greater and the threat to business is as much about reputation as it is sales.