In a reported FBI bulletin to major retailers across the US, they state that 2014 will see about one major retailer per month falling victim to cyber attacks, as hackers are targeting credit card transactional information and details of customers.
This isn’t welcome news, since many are still reeling from the effects of recent attacks, for example, during the holidays, the heavily publicized incident where over 100 million Target customers payment information was compromised, and Neiman Marcus, where 1.1 million customers were affected.
Hackers are getting craftier. As Null Byte explains, hackers most likely from Russia managed to insert zero day malware into the point of sale systems that were being run on unpatched Windows systems. When a customer makes a payment, it seems this latest version of malware peels off and scrapes the information from the computer’s memory while it is running, collecting payment data in real time, allowing hackers to access it.
This is a very serious growing threat, and retailers are proving to be very easy targets. Once a hacker infiltrates the systems, they can get the data of every transaction processed.
The shocking aspect is that security professionals such as myself are always telling people to secure their information with strong passwords, and now merchants aren’t keeping this information safe either.
So what are you to do? Believe it or not, smaller MOM and POP shops may actually be a bit more secure to deal with. The stand alone credit card terminals found in small stores usually have E3 (End To End Encryption) built in, so the card information is encrypted before it is transmitted.
Other than that, till retailers are able to seriously lock down their systems and protect data, you may want to consider paying in old fashioned cash.