FBI asks shops to build defences against cyber-thiefs
25 Jan 2014
Issuing a warning to US shops, the FBI has asked them to beef up defences against cyber-thieves.
The warning was included by the agency in a confidential letter to large retailers which Reuters said it had obtained.
The FBI said shops in particular needed to guard against the type of malware that was used to steal millions of credit card details from shoppers at retailer Target.
According to the FBI, it had seen about 20 cases, over the last year, where data was stolen using the same type of malicious code.
That code had been inserted on to credit and debit card swiping-machines, cash registers as also other point-of-sale (POS) equipment.
"We believe POS malware crime will continue to grow over the near term, despite law enforcement and security firms' actions to mitigate it," read the FBI report.
According to the agency, the low cost of the virus code, its wide availability on underground markets and the potential for profit if POS equipment was compromised made it very attractive to thieves. The report said, one copy of the type of software used to grab data at tills was on sale for only $6,000 the FBI report said.
According to commentators what was more troubling was that the FBI was explicitly warning that it would almost certainly happen again.
"We believe POS malware crime will continue to grow over the near term, despite law enforcement and security firms' actions to mitigate it," the FBI said in the report.
What led to the Target breach was an advanced piece of software called POSRAM Trojan, which was also responsible for other attacks on retailers' point-of-sale systems. POSRAM, a memory scraper captures data stored on a card's magnetic strip at the moment of its swipe through the terminal while the data was still in the system's memory.
Encrypted data appears in plain text.
Meanwhile, consumers spent a total of $5.3 billion online over Thanksgiving weekend, in a 22 per cent increase over last year, when shoppers spent $4.3 billion online.
Cyber Monday, the busiest online shopping day of the year, set another record this year, with shoppers spending $1.74 billion online, a record for the most dollars spent online in a single day.
Brick and mortar stores saw retail sales fall over Thanksgiving weekend for the first time since 2009.
According to commentators with many incentives for shopping online, developments that led to trust deficits at storefronts with their credit card information could be the death knell.