Backoff malware has now impacted over a thousand businesses. Read on to learn how you can protect yourself from this digital threat.
1. Over 1,000 American Businesses Have Been Affected by Backoff Malware
Backoff malware targets cash register systems. Customer data is stolen during legitimate transactions, which cyberattackers get by remotely accessing the store’s systems. The Wall Street Journal notes that roughly 1,000 American businesses have been affected by this form of malware.
2. Backoff Malware May Have Been Linked to Breaches at UPS & Target
The New York Times notes that Backoff is the malware that was behind the recent data breaches at Target, Supervalu, and UPS Stores. Sophos has a list of things businesses can do to protect themselves from Backoff:
“Segregate your networks. Shield your PoS computers from the all-purpose computers in your business.
Limit the applications allowed on your PoS computers. Consider using Application Control to be notified if someone or something tries to install risky software on a cash register.
If your anti-virus has a Live Protection service, make sure it is on and working. With a suitable firewall rule, your PoS computers can benefit from almost-instant updates when new threats emerge.
Don’t ignore warning signs. Target failed to react to reports from its own IT support center that would probably have led to much earlier detection and remediation of its massive malware infestation.”
3. Backoff Has Increased Interest in Enhanced Card Security
The New York Times notes:
“Banks and companies have taken a renewed interest in a chip-based smart card standard known as E.M.V., short for Europay-MasterCard-Visa, the technology’s first backers. Credit card companies have set an October 2015 deadline for American retailers to upgrade their payment systems.
‘The weakness is the magnetic stripe,’ said Avivah Litan, a security analyst for Gartner Research. ‘I can buy a mag stripe reader on eBay and easily read all the data from your credit card. It’s an antiquated technology from the ’60s.'”
The report notes most retailers are unexpected to meet the October 2015 deadline. This is because it can cost up to $1,000 per terminal to complete the upgrades.
4. Other Digital Security Threats Have Recently Surfaced
It seems like there have been a flurry of digital security threats over the past month. Security researchers recently found a huge security vulnerability in USB technology, while another group of researchers also found a potentially massive flaw in the security used on Wi-Fi in airplanes.
5. Backoff Went ‘Largely Undetected’ by Antivirus Sofware
According to CERT, the United States Computer Emergency Readiness Team, Backoff was able to fly under the radar for many antivirus solutions:
“At the time this advisory is released, the variants of the “Backoff’ malware family are largely undetected by anti-virus (AV) vendors. However, shortly following the publication of this technical analysis, AV companies will quickly begin detecting the existing variants. It’s important to maintain up‐to‐date AV signatures and engines as new threats such as this are continually being added to your AV solution.”
PC World writes that “most antivirus packages now detect Backoff.” CERT notes that researchers have identified three primary variants of Backoff malware.