FBI: Retailers Beware, Target's Cyber Attack Was Just a Warm-Up
January 24, 2014 10:51 AM
The FBI expects more to come as the software is affordable and easily available
The U.S. Federal Bureau of Investigation (FBI) is warning retailers that the recent
security breach against Target's credit systems
was not a one-time deal, and that they should remain aware of their own software in an effort to ward off similar attacks.
, the FBI sent a confidential, three-page report out to retailers to clue them in on the risks of memory-parsing malware in point-of-sale (POS) systems. The report, dated January 17, is called "Recent Cyber Intrusion Events Directed Toward Retail Firms."
Memory-parsing software is also known as a "RAM scraping." It occurs during a normal retail process, where a customer swipes a credit or debit card, the POS terminal grabs the transaction data from the magnetic stripe and transfers it to the payment processing provider. Even though data is encrypted during the process, RAM scrapers have found a very small window where the information appears in plain text while in the computer's live memory. At that point, the information is extracted and either used or sold for profit.
The FBI wants retailers to know that they could easily experience the kind of cyber attack that Target endured because memory-parsing malware is affordable, accessible in underground forums and promises huge profits for the hackers.
The FBI report said that many of the POS malware cases it has seen involve small-to-mid sized local or regional businesses, since they can't afford the kind of security tools that major retailers can. The estimated losses from these cases range from tens of thousands of dollars to millions of dollars.
While RAM scraping is not a new thing, the cyber attack against Target during the holiday season has drawn more attention to it. Target's breach ran from November 27 through December 15, where customer information like their names, card numbers, expiration dates and CVV verification codes were compromised. Also, the breach occurred in nearly
all Target stores
across the U.S. in-store, not online.
Original reports said the breach affected 40 million customers, but it was later found that it was actually
70 million customers
Target wasn't the only retailer to get hit last year. Neiman Marcus said about 1.1 million customer cards were exposed by a data breach from July 16 to October 30 last year.
"We believe POS malware crime will continue to grow over the near term, despite law enforcement and security firms' actions to mitigate it," said the FBI report.
"You can bet that Sony built a long-term business plan about being successful in Japan and that business plan is crumbling." -- Peter Moore, 24 hours before his Microsoft resignation
Quick Note: Target Data Breach Affected 70 Million Customers
January 10, 2014, 9:32 AM
Target Data Breach Compromises 40 Million Customer Credit/Debit Cards
December 19, 2013, 12:06 PM
Target to Price Match Amazon, Amazon Prime Comes to Canada
January 8, 2013, 10:52 AM
Science & Environment
February 20, 2017, 6:37 AM
The USA’s newest weather satellite sends first photos.
January 24, 2017, 6:41 AM
Netflix took a decision to invest in original content
January 19, 2017, 7:00 AM
Amazon Airborne Fulfillment Center – Your Merchandise Drop-Shipped from the Clouds
December 29, 2016, 5:00 AM
Amazon is experimenting with a new kind of grocery stores, Amazon Go
December 8, 2016, 5:00 AM
Google has developed Deep Learning Algorithm to detect Diabetic Eye Disease
December 4, 2016, 5:00 AM
Most Popular Articles
Surface Pro 5 Rumors - New Release Date and Price
April 22, 2017, 6:45 AM
SAPPHIRE PULSE Radeon RX 580 8GD5 – Great Value for the Money
April 20, 2017, 7:47 AM
Dell Inspiron 17 7000 – A Premium Laptop featuring 7th Gen Intel Core i7 in a 2-in-1 Frame.
April 19, 2017, 7:45 AM
Tesla will announce electric lorry in September
April 19, 2017, 6:20 AM
Meet the Smartphone with four cameras - Alcatel Flashphone
April 5, 2017, 11:20 AM
Latest Blog Posts
Google Co-Founder, Sergey Brin has an Airship
Apr 26, 2017, 6:43 AM
Samsung Galaxy S8 and S8 Plus – Lots of Glass that Breaks Easily
Apr 25, 2017, 7:20 AM
Samsung Galaxy S8 – Warning for Pet Owners
Apr 24, 2017, 5:59 AM
Sound Bars and the Costs?
Apr 23, 2017, 6:30 AM
Link your Brain to Your Computer – In Four Years…Maybe
Apr 22, 2017, 7:03 AM
Google Home can now identify users by their voice.
Apr 21, 2017, 7:15 AM
Amazon Lex – Now Available for Developers.
Apr 20, 2017, 6:58 AM
You can now use Instagram offline on your Android Smartphone
Apr 19, 2017, 8:00 AM
Now you can livestream to YouTube from your mobile device.
Apr 18, 2017, 8:05 AM
Google Home – Is It a Spy Device?
Apr 17, 2017, 7:30 AM
Apple added to self –driving test permit list
Apr 15, 2017, 6:21 AM
Project Scorpio – Coming on June 11
Apr 14, 2017, 6:20 AM
Looks Like Samsung Has Been Forgiven.
Apr 13, 2017, 6:50 AM
United Airlines - Blasted on China’s Social Network and the Stock Market
Apr 12, 2017, 6:50 AM
Amazon's Third-Party Sellers Hacked
Apr 11, 2017, 6:25 AM
Microsoft Surface Pro5 Details Revealed
Apr 9, 2017, 6:41 AM
Own An Android Phone? Then you could be hacked over Wi-FI
Apr 7, 2017, 6:47 AM
Apple confirms iOS 10.3 bug and its effect on iCloud Services
Apr 6, 2017, 6:30 AM
Apple Rolls Out New Version of Apple Music
Apr 5, 2017, 10:35 AM
Apple in the News
Apr 4, 2017, 9:03 AM
Apple iPhones Will Soon Feature Graphics Chips Designed BY Apple
Apr 3, 2017, 6:23 AM
More Blog Posts
Copyright 2017 DailyTech LLC. -
Terms, Conditions & Privacy Information