Saturday, January 25, 2014

Target not the only one wearing a target apparently…

Last week I posted some information on the Target POS breach:

POS attack - a bit more now known - Grand Stream Dreams blog

That post has a lot of good general information on what was involved in the attack, how it seems to have operated, and some technical analysis on the malware used.

There hasn’t been much new information on the story recently.

While Target has been the primary focus in the media, those following the story and security news sites heard the distant rumbling that hinted that Target (and its customers) were not the only victims. There were likely to be other companies and their customers hit as well.

It does seem that the malware platform that was used on Target was modified for that attack, which means that similar malware platforms might have been purchased by others and/or modified for the attacks on other merchant companies as well.

Now that thunder is rolling closer and becoming more defined.

It isn’t clear if these attacks are coordinated (probably not) or coincidental (more likely) and have just been found as company incident response and audit teams sweep their own systems to see if anything is amiss. Or it could be that security researchers are finding large batches of card data from specific companies suddenly coming up on the market. In several cases it seems that credit card processors themselves are identifying unauthorized payment card activity and noticing enough of a pattern to smell something is wrong.

Regardless, the writing on the wall is pretty clear…our credit card POS system and infrastructure here in the US needs some serious fix’n-up. And the writing is on the wall that something had better change.


--Claus V.

