The United States Secret Service estimated more than 1,000 businesses have been infected by the "Backoff" point-of-sale malware, and many of them are unaware they have been compromised, according to a Department of Homeland Security advisory.
The UPS Store said on Wednesday that computer systems at several of its franchised center locations had been infected with stealthy malware that went undetected by its anti-virus software and exposed customer payment data.
The malware at the center of the 'Machete' cyber attacks is capable of a number of actions, including logging keystrokes, capturing audio and screenshots, taking photos from the victim's webcam and capturing geo-location data.
While attackers are constantly improving their evasion tactics to extend the lifetime of their malware, users can also leverage these types of evasion tactics to help prevent malware infection in the first place.
Many continue to click on links or attachments sent via email without taking any steps to verify the origin of the email or the validity of the link or attachment. It only takes one click to for an attacker to establish a foothold in the target’s systems.
Trying to defend against modern, advanced attacks with one-off point solutions is like playing a whack-a-mole game, always one step behind the attacker and trying to play catch up with the alerts as they’re received.
Whether you’re buying a smart refrigerator for your home or a printer for your company, your first step is deciding the risk involved and how to deploy the device in a secure manner while preserving the functionality you require.
Without the elements of prevention, detection, and protection all working together, threat actors will always have the advantage, and will find a way to carry out their illicit economic, political or social agendas.
Enemy infrastructure is and always has been an important military target. The difference is that with increasingly automated and connected infrastructure, the ability for an enemy to target these systems digitally has increased, putting these systems at greater risk.