Following the news that fashion retailer The Buckle has been hacked via a malicious Point-of-Sale malware, cyber security experts from FireMon and Tripwire have commented on the situation as well as given advice on the best security measures enterprises should take.
Paul Norris, Senior Systems Engineer at Tripwire:
“Enterprises need to become proactive instead of reactive and learn from the mistakes of other attacks. Learn how current criminals are operating as well as how compromised companies are handling the incident response to such events.”
“The best advice for companies using point of sale systems is to isolate and lock down the devices as much as possible. Retailers need to secure all endpoints including PoS. These systems run a lightweight version of Microsoft Windows, and like all Windows operating systems, they still require to be patched and hardened. A security system needs to be implemented that can predict destinations both internally on the network as well as externally on the Internet. Carefully monitoring communications for irregularities can help identify successful attacks.”
“As these terminals are on store networks, they can be hard to patch or secure, so good preventative or detection tools should be put in place to help identify zero-day attacks and configuration changes on these point of sale terminals.”
Paul Calatayud, Chief Technology Officer at FireMon:
“The best way to mitigate against these attacks is to isolate the point of sale systems from the rest of the network using network segmentation and network security policy management.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.