New 'Backoff' Malware Slips Undetected into Retail Systems
Posted July 31, 2014

By Shirley Siluk. Updated July 31, 2014 11:42AM


'Malicious actors' are using a new variety of malware to access consumer payment data remotely through point-of-sale (PoS) systems, according to a new report released Thursday by the U.S. Department of Homeland Security (DHS).

The "Backoff" malware takes advantage of applications like Microsoft's Remote Desktop and Apple Remote Desktop that let remote users -- telecommuting employees or independent contractors, for example -- connect with a company's in-house computer network. Hackers are employing the malware to connect with PoS systems operated by retailers and other businesses, then using brute force to log into those systems remotely.

"At the time of discovery and analysis, the malware variants had low to zero percent anti-virus detection rates, which means that fully updated anti-virus engines on fully patched computers could not identify the malware as malicious," said the DHS report, which was prepared with the help of the National Cybersecurity and Communications Integration Center; the U.S. Secret Service; the Financial Services Information Sharing and Analysis Center; and Trustwave, a Chicago-based cyber-security company.

Malware Criminals Not 'Sitting Still'

The first variants of the Backoff malware were detected in October 2013, and several new versions have been identified since then, according to the DHS report. The malware has been connected to at least three separate cyberattacks, although the agency did not identify the organizations that were affected.

We reached out to Karl Sigler, manager of threat security at Trustwave, to learn more about Backoff and what organizations can do to protect themselves from such malware attacks.

"It's completely new malware," Sigler told us. "Nobody has seen it before."

In addition to being difficult to detect, new variations of Backoff have continued to emerge, the most recent one being identified in May.

"The criminals out there don't sit still," Sigler said.

Constant Vigilance, Best Practices

While Backoff attacks up until now have been all but undetectable, with the public release of the DHS report and details about the malware's "indicators of compromise," anti-virus software companies are "no doubt" now working to develop protection against the new threat, Sigler said.

In the meantime, he added, retailers and other businesses that want to protect themselves from attacks should be sure to follow the best practices that are regularly recommended by cyber security professionals: use strong passwords, take advantage of two-factor authentication and closely monitor network activity to watch for unusual traffic patterns or strange IP addresses.

Consumers should take similar precautions, said Thomas Holt, associate professor with the School of Criminal Justice at Michigan State University. For example, they should use a secure home computer to regularly check their bank and payment statements so they can spot problems as soon as possible.

Continual vigilance is the best defense, Sigler said. Retailers and other businesses, whether they're large or small, can't simply assume that vendor-provided PoS systems automatically provide state-of-the-art security.

"Generally, security takes a back seat" in such systems, Sigler said.

TheSource49:
Posted: 2014-08-01 @ 10:58am PT
Interesting article, best practices in Cyber Security are often hard to identify, I would encourage you to read how companies like OPSWAT are advancing multi-scanning applications to the front lines.
