Make Your Point of Sale System a Point of Security

As the biggest season in retail winds down, Forever 21 was the latest retail target of a point of sale cyber attack, joining the likes of Chipotle and Game Stop.

As the biggest season in retail winds down, Forever 21 was the latest retail target of a point of sale cyber attack, joining the likes of Chipotle and Game Stop. It was recently announced that they suffered a POS security breach between April 3 and November 18, 2017, and while some stores suffered breaches lasting the entire seven months, others were breached “for only a few days or several weeks.” Whether a breach is discovered within a few days or not for several months, it does little to soothe the pain. When sensitive customer information is stolen, the damage can spread wide to include not only compromised customer identities but a brand’s reputation, potential legal implications and even a hit to stock prices.

“The investigation found signs of unauthorized network access and installation of malware on some POS devices designed to search for payment card data. The malware searched only for track data read from a payment card as it was being routed through the POS device.”

With more ways to pay at retail outlets, both in-store and online, corporations increase their attack surface area, undeniably opening themselves up to greater risks with their point of sale systems. While companies have technologies in place to foil hackers, we do not live in a perfect world. “In most instances, the malware only found track data that did not have cardholder name. Additionally, stores have a device that keeps a log of completed payment card transaction authorizations.” However, by leveraging DNS to bolster your security stack, breaches become less likely and less severe, all while giving you the visibility and control that other tools do not.

DNS: The Key to Point of Sale Security

Upon looking at these point of sale breaches, there are a few things every company can learn as they look to improve their cyber security measures. DNS is the foundation of any network, including POS systems, so it can offer clues, hints and be an invaluable tool in detecting malicious network activity.

However what’s important here is the protecting your POS system. In this case, the importance of securing your IoT devices cannot be overstated. Here, the point of sale devices were communicating with “services” outside the scope of those they were explicitly intended to connect with.

For starters, the investigation into the security incident revealed that hackers had access to customers’ payment card data for up to seven months… Attackers had obtained network access and installed malware meant to harvest credit card data.”

Malicious adversaries harvested and captured this sensitive data and Forever 21’s cyber security measures weren’t able to stop it (or detect it) until it was too late. However, there is a solution, and it is possible to keep your IoT devices from communicating with devices or services they shouldn’t be while also preventing them from sending that information out.

DNS Edge, for example, can provide visibility into DNS log data and enforce policies to ensure:

  1. POS IoT devices and services are only able to communicate externally or internally to the services they need.
  2. POS IoT devices are not exfiltrating customer data to these malicious adversaries.

No one wants to be in damage control mode. By securing your POS system and monitoring DNS, you’ll be able to take action before it’s too late.

An avatar of the author

Anna is a passionate content writer who’s always eager to learn something new about cyber security.

Related content

Detect anomalies and CVE risks with Infrastructure Assurance 8.4 

The Infrastructure Assurance 8.4 release features an anomaly detection engine for outliers and a CVE analysis engine to uncover device vulnerabilities.

Read more

Get fast, resilient, and flexible DDI management with Integrity 9.6

With Integrity 9.6, network admins can get support for new DNS record types, architect and configure multi-primary DNS, and automate IP assignments.

Read more

Deepen your security insight with Infrastructure Assurance 8.3

BlueCat Infrastructure Assurance 8.3, with an enhanced analytics dashboard, including interactive widgets and top 10 alerts, is now available.

Read more

Security, automation, cloud integration keys to DDI solution success

Only 40% of enterprises believe they are fully successful with their DDI solution. Learn how to find greater success with new research from EMA and BlueCat.

Read more

Our commitment to Micetro customers and product investment

From CEO Stephen Devito, a word on BlueCat’s ongoing commitment to supporting Micetro customers and Micetro’s evolution as a network management tool.

Read more

Seven reasons to rethink firewall monitoring and boost automation 

With BlueCat Infrastructure Assurance, you can better protect your network with automated alerts and suggested remedies for hidden issues in your firewalls.

Read more