In 2014, a whopping 56 million credit and debit cards were involved in a data breach at Home Depot, while a security attack at Sally Beauty compromised 280,000 debit and credit cards. It was said that an old version of the malware Framework POS caused these attacks.
Just as a virus that causes disease in humans can turn into something nastier, malware also evolves into something stronger and more immune to anti-virus software.
A new version of the Framework POS malware uses DNS (Domain Name System) requests to transmit encoded data such as credit card numbers.
How do POS system users avoid an attack from Framework POS?
It is advised that companies use passive DNS to store and monitor their DNS activity. Passive DNS captures only server-to-server communication and allows almost real-time detection of fraudulent changes in that activity. Monitoring suspicious activity is easier this way.
Another recommended action is to allow POS devices to access only relevant whitelisted domains. Whitelisting means allowing only a number of identified domains to be accessed by the POS. This way, only those trusted domains can interact with the POS system, and domains that are not on the whitelist are pushed back, especially malicious ones that try to stage an attack on the system.
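The two controls above can be combined in one triage pass over passive DNS records from POS devices. The following is an added example, not part of the original article: it drops queries to whitelisted domains and marks the rest, separating names that carry a long, high-entropy label (the shape encoded data takes in a DNS request). The domain names, host names, thresholds and sample records are constructed assumptions.

```python
import math
from collections import Counter

# Assumed whitelist of domains a POS terminal legitimately needs (hypothetical names).
ALLOWED_SUFFIXES = ("payments.example.com", "updates.example.com")

# Constructed passive-DNS records: (timestamp, source host, queried name).
SAMPLE_RECORDS = [
    ("2015-01-10T09:00:01Z", "pos-01", "api.payments.example.com"),
    ("2015-01-10T09:00:05Z", "pos-02", "cdn.updates.example.com"),
    ("2015-01-10T09:01:12Z", "pos-02", "www.example.org"),
    ("2015-01-10T09:01:30Z", "pos-03", "3a7f9c0e5b1d4e8f2a6c9b0d7e1f4a3c.ns.example.net"),
]

def is_allowed(name, allowed=ALLOWED_SUFFIXES):
    """True if name equals a whitelisted domain or is a subdomain of one."""
    name = name.rstrip(".").lower()
    # Match on a label boundary so "evilpayments.example.com" does not pass.
    return any(name == s or name.endswith("." + s) for s in allowed)

def entropy(label):
    """Shannon entropy of a label, in bits per character."""
    counts = Counter(label)
    return -sum(c / len(label) * math.log2(c / len(label)) for c in counts.values())

def looks_encoded(name, min_len=24, min_entropy=3.0):
    """Heuristic (assumed thresholds): a long, high-entropy label suggests encoded data."""
    return any(len(l) >= min_len and entropy(l) >= min_entropy
               for l in name.rstrip(".").lower().split("."))

def triage(records):
    """Return (timestamp, host, name, reason) for every query that needs review."""
    alerts = []
    for ts, host, name in records:
        if is_allowed(name):
            continue
        reason = "encoded-label" if looks_encoded(name) else "not-on-whitelist"
        alerts.append((ts, host, name, reason))
    return alerts

if __name__ == "__main__":
    for alert in triage(SAMPLE_RECORDS):
        print(*alert, sep="  ")
```

The length and entropy thresholds need tuning against a site's own DNS baseline before they are used for alerting.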
Business owners can also employ data loss prevention (DLP) solutions, because they protect against data exfiltration and focus security efforts on protecting highly sensitive information against theft. Use of EMV-compliant terminals also assures a more secure transaction between the store and the customer. Nowadays, most credit card companies have replaced magnetic-stripe cards with cards that have a smart chip, which provides an extra layer of protection. Upon contact with a terminal, the chip creates a transaction code that is unique to that specific purchase and cannot be used again. Even if a hacker stole information from a chip and manufactured a counterfeit card, it could never be used.
While experts say that Framework POS is not the most advanced malware in existence, it did cause a massive security breach at a number of major retail outlets. It is still better to stay one step ahead of these security attacks by keeping the POS system updated. Get the services of an IT security expert or, perhaps, have someone from the support team of the POS system employed by the store come in and check whether there are potential security threats lurking within the corners of the store.