dcsimg

From a Hacker's Perspective: How to Breach a Point-of-Sale System

  • From a Hacker's Perspective: How to Breach a Point-of-Sale System

    From a Hacker's Perspective: How to Breach a Point-of-Sale System-

    Ex-filtrate the Harvested Data

    Ex-filtrate the stolen data.

    The critical last step in typical POS system breaches requires hackers to move the harvested credit card information back from the POS terminals to a location of their choosing. Again, in the Target scenario, this was a FTP server in Eastern Europe, where the data then becomes available on the black market.

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9

From a Hacker's Perspective: How to Breach a Point-of-Sale System

  • 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
  • From a Hacker's Perspective: How to Breach a Point-of-Sale System-7

    Ex-filtrate the Harvested Data

    Ex-filtrate the stolen data.

    The critical last step in typical POS system breaches requires hackers to move the harvested credit card information back from the POS terminals to a location of their choosing. Again, in the Target scenario, this was a FTP server in Eastern Europe, where the data then becomes available on the black market.

According to the Identity Theft Resource Center, over 500 data breaches have been reported in the United States this year, showing an increase of 27.5 percent over the same period last year.

At the same time, electronic payments have started to outnumber cash transactions, and hackers have taken notice – with an increased number of point-of-sale (POS) system breaches making the headlines. Recent POS hacks, like those on Home Depot and Target, are likely due, in part, to the systems not being properly protected from potential vulnerabilities, which allows for an easy way in.

In this slideshow, Russ Spitler, vice president of product management at AlienVault, discusses the step-by-step analysis from the perspective of a hacker and what he or she would have to do to breach a POS system.

AlienVault is a leading provider of unified security management and crowd-sourced threat intelligence. Its products are designed and priced to ensure that mid-market organizations can effectively defend themselves against today's advanced threats.