The FBI believes that we haven’t seen the end of the malware attacks that have affected companies like Target.
They have given out a report, called “Recent Cyber Intrusion Events Directed Toward Retail Firms”, which is confidential, to retail companies and it outlines the danger presented by malware that is “memory-parsing” and infects POS systems.
“We believe POS malware crime will continue to grow over the near term, despite law enforcement and security firms’ actions to mitigate it,” said the report, according to Reuters, who have a copy of it. “The accessibility of the malware on underground forums, the affordability of the software and the huge potential profits to be made from retail POS systems in the United States make this type of financially motivated cyber crime attractive to a wide range of actors.”
In the attacks that have just occurred, the malware uses a software known as a “RAM scraper”, which is able to capture the information of a credit or debit card after it has been swiped and during the the encryption process. Some of these malware programs even have the ability to be accessed and upgraded remotely, making them even harder to detect.
Apparently the National Retail Federation are “alert” and ready for further attacks.
“Retailers have been and remain vigilant in their efforts to provide the highest level of security for their data systems in order to protect against malicious and criminal acts,” Tom Litchford, the NRF’ Vice President, said via statement. “As the criminal investigation continues and more information becomes available, you can be sure that the retail industry will be responsive and engaged to ensure this particular cyber-attack does not happen again.”