Anatomy of a Point-of-Sale Attack
The complex nature of retail environments has led cybercriminals to create sophisticated attack methods to target valuable credit card data. Typically these attacks are multi-stage and include the following phases:
Infiltration – There are a variety of methods to gain access to a corporate network. Hackers can look for weaknesses in external facing systems or attack from within.
Network traversal – The malicious files that the cybercriminals have secreted within the network might stay in hiding, trying to gain access to other systems until they find a way to access the PoS environment.
Data capture – Once inside the PoS environment, the threat will install additional malware, which might secretly collect personal data every time the cards are swiped. The data will continue to accumulate in an internal staging server until the time comes for exfiltration.
Exfiltration – To facilitate exfiltration, the card data will move from a staging server to other systems within the corporate network that have legitimate external access. The threat manipulates these systems to transmit externally the card data to cybercriminals.