TMCnet News
Cyphort Issues Industry's First and Only Special Report on Point-of-Sale Malware Samples Used in 2014 Cyber Attacks Against RetailersSANTA CLARA, Calif. --(Business Wire)-- Cyphort, a pioneer of Advanced Threat Defense (ATD) solutions, today released results of a Cyphort Labs 'Special Research Report' on point-of-sale (POS) malware samples used in cyber-attacks on popular retailers within the last year. This is the industry's first and only research summarizing the characteristics of malware used in many attacks. Cyphort Labs focused its research on attacks against three retailers, Target (News - Alert), Home Depot and UPS and the popular malware samples BlackPOS, FrameworkPOS and Backoff used in the attacks. While this extensive look into popular POS malware samples focused on Target, Home Depot and UPS, these samples have also been used in attacks against other retailers, including Dairy Queen, Albertson's and possibly Neiman Marcus. "2014 has become 'The Year of The Retail Hack' yet corporations in many industries are under constant attack from criminals. The attacks are extensive and extremely damaging to a corporation's bottom line and neither investors nor consumers are happy," said Dr. Fengmin Gong, Cyphort's co-founder and chief architect. "The Target, Home Depot and UPS breaches made headlines because of the size and scope of proprietary information stolen, but also because these companies are household names. Cyphort is the first company to publish a report of this depth and we hope the findings will benefit security professionals and researchers so they can better understand specific patterns of behavior being carried out in these attacks." Cyphort Labs' researchers analyzed BlackPOS, FrameworkPOS and Backoff malware samples. What they learned is that Backoff is much more advanced malware that not only is designed to attack a broad spectrum of POS systems but also is more evasive to detection. FrameworkPOS and BlackPOS on the other hand resemble off-the-shelf software, tailoed specifically for dedicated targets. They are most likely not from the same authors but FrameworkPOS leaves the strong impression of a copycat attack after former POS malware incidents. Cyphort Labs Special Research Report Highlights:
Dr. Gong added, "Cyber criminals will always go where the money is because they are after a company's most valuable assets. In the case of retailers, it is social security numbers, credit card numbers and other personal information enabling them to commit fraud and identity theft. We are confident that retailers can turn the tide and put the hackers on the run in 2015 by focusing their security solutions heavily on their most valuable assets and by properly identifying the most risky corporate assets and locking them down." To help retailers and security professionals, Cyphort Labs recommends the following seven steps to implement an effective cybersecurity defense against modern POS threats:
To read the full Cyphort POS Malware Report, November 2014, please visit: http://info.cyphort.com/posmalware. About Cyphort Cyphort is innovative provider of Advanced Threat Protection solutions that deliver a complete defense against current and emerging Advanced Persistent Threats, targeted attacks and zero day vulnerabilities. The Cyphort Platform accurately detects and analyzes next generation malware, providing actionable, contextual intelligence that enables security teams to respond to attacks faster, more effectively, and in as surgical a manner as their attackers. Cyphort's software-based, distributed architecture offers a cost effective, high performance approach to detecting and protecting an organization's virtual, physical and cloud infrastructure against sophisticated attacks. Malware detection for Windows, OSX and Linux allows businesses to extract maximum value from IT assets without compromising the security of an organization. Founded by experts in advanced threats from government intelligence agencies and premier network security companies, Cyphort is a privately held company headquartered in San Jose, California. For more information, please visit: www.cyphort.com.
|