Over the past 18 months, we’ve seen a number of large-scale attacks that have compromised the point-of-sale (PoS) systems of major retailers, such as Target and Neiman Marcus. This week uncovered another attack aimed at PoS systems, with the aim of stealing consumer card data. The attack uses a new piece of malware, ‘NitlovePOS,’ which targets PoS terminals running Windows.
In common with previous attacks against PoS systems, NitlovePOS starts with a phishing email with an infected document attachment. If the user clicks to open the document, the infection is launched and will start trying to track down payment card data.
This is why proper segmenting of networks, to separate email systems from other business systems such as payment networks, is so critical in preventing such attacks causing breaches of card data. If the malware cannot see the payment network, it cannot easily jump across to it to start intercepting information – giving the organisation the chance to fix the problem before significant damage is done.