Theft of credit and debit card data is one of the oldest forms of cybercrime and still exists today. Let's see what happens to system attacks POS (Point of Sales).
Organized cybercriminal groups organize sophisticated operations to steal large amounts of data, which are then made available to illegal markets. Οι εγκληματίες μπορούν να χρησιμοποιήσουν τα δεδομένα που κλέβουν από το μαγνητικό strip μιας κάρτας με στόχο τη δημιουργία κλώνων. Πρόκειται για μια ελκυστικά προσοδοφόρα επιχείρηση, με τις cards to reach selling prices of up to US$100. the one.
Invaders can follow various ways to steal this data. One option is to access a database on which the card data is stored. However, another option is to target the point where the retailer first obtains the card data: the Point of Sale (POS) system, ie the point of sale.
Modern POS systems are specially configured computers that have sales software installed and are equipped with a card reader. Card data can be stolen by installing a device in the card reader, which can read the data from the card's magnetic strip. This n procedure it is known as "skimming". As this process requires additional hardware and personal access to the card reader, it is difficult to carry out this kind of theft on a large scale.
These practical difficulties have led to the development of malware operation which has the ability to copy the card data once it is read by the card reader. The first attacks of this type were observed in 2005 in a series of attacks created by Mr. Albert Gonzalez. These attacks resulted in the theft of over 170 million card numbers. Since then, an entire industry has grown up around attacking POS systems with tools readily available on the illicit markets.
Despite improvements in card security technologies and PCI DSS (Payment Card Industry Data Security Standard), there are still gaps in the security of POS systems. This, combined with general weaknesses in the security of company IT infrastructures, means that retail outlets are exposed to groups of cybercriminals who are becoming more resourceful and more organized.
Download the full report (PDF)
From Symantec newsletter