{"id":4643,"date":"2014-01-29T10:00:08","date_gmt":"2014-01-29T15:00:08","guid":{"rendered":"http:\/\/blog.nccomputertech.com\/?p=4643"},"modified":"2014-01-29T10:00:08","modified_gmt":"2014-01-29T15:00:08","slug":"dailytech-fbi-retailers-beware-targets-cyber-attack-was-just-a-warm-up","status":"publish","type":"post","link":"https:\/\/nccomputertech.com\/techtalk\/2014\/01\/29\/dailytech-fbi-retailers-beware-targets-cyber-attack-was-just-a-warm-up\/","title":{"rendered":"FBI: Retailers Beware, Target’s Cyber Attack Was Just a Warm-Up"},"content":{"rendered":"

The FBI expects more to come as the software is affordable and easily available<\/p>\n

\"DailyTech<\/a><\/p>\n

The U.S. Federal Bureau of Investigation (FBI) is warning retailers that the recent security breach against Target’s credit systems was not a one-time deal, and that they should remain aware of their own software in an effort to ward off similar attacks.<\/p>\n

According to Reuters, the FBI sent a confidential, three-page report out to retailers to clue them in on the risks of memory-parsing malware in point-of-sale (POS) systems. The report, dated January 17, is called “Recent Cyber Intrusion Events Directed Toward Retail Firms.”<\/p>\n

Memory-parsing software is also known as a “RAM scraping.” It occurs during a normal retail process, where a customer swipes a credit or debit card, the POS terminal grabs the transaction data from the magnetic stripe and transfers it to the payment processing provider. Even though data is encrypted during the process, RAM scrapers have found a very small window where the information appears in plain text while in the computer\\’s live memory. At that point, the information is extracted and either used or sold for profit.<\/p>\n

The FBI wants retailers to know that they could easily experience the kind of cyber attack that Target endured because memory-parsing malware is affordable, accessible in underground forums and promises huge profits for the hackers.<\/p>\n

The FBI report said that many of the POS malware cases it has seen involve small-to-mid sized local or regional businesses, since they can\\’t afford the kind of security tools that major retailers can. The estimated losses from these cases range from tens of thousands of dollars to millions of dollars.<\/p>\n

While RAM scraping is not a new thing, the cyber attack against Target during the holiday season has drawn more attention to it. Target\\’s breach ran from November 27 through December 15, where customer information like their names, card numbers, expiration dates and CVV verification codes were compromised. Also, the breach occurred in nearly all Target stores across the U.S. in-store, not online.<\/p>\n

Original reports said the breach affected 40 million customers, but it was later found that it was actually 70 million customers.<\/p>\n

Target wasn\\’t the only retailer to get hit last year. Neiman Marcus said about 1.1 million customer cards were exposed by a data breach from July 16 to October 30 last year.<\/p>\n

“We believe POS malware crime will continue to grow over the near term, despite law enforcement and security firms\\’ actions to mitigate it,” said the FBI report.<\/p>\n

via DailyTech – FBI: Retailers Beware, Target’s Cyber Attack Was Just a Warm-Up<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"

The FBI expects more to come as the software is affordable and easily available The U.S. Federal Bureau of Investigation […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_feature_clip_id":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[7,10],"tags":[245,1066],"class_list":["post-4643","post","type-post","status-publish","format-standard","hentry","category-security","category-technology","tag-cyber-attack","tag-target"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/papNkV-1cT","jetpack-related-posts":[{"id":6142,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/08\/06\/department-of-homeland-security-warns-retailers-of-backoff-pos-malware-techspot\/","url_meta":{"origin":4643,"position":0},"title":"Department of Homeland Security warns retailers of ‘Backoff’ POS malware – TechSpot","author":"NCCT","date":"August 6, 2014","format":false,"excerpt":"The Department of Homeland Security yesterday issued an alert about a point-of-sale malware that was used in a string of recent attacks by cyber criminals. Dubbed Backoff, the malware has been witnessed on at least three separate forensic investigations since late 2013 and continues to operate today. According to US-CERT,\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":9343,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/05\/27\/this-week-in-tech-668-how-many-cups-in-a-stone\/","url_meta":{"origin":4643,"position":1},"title":"This Week in Tech 668: How Many Cups in a Stone?","author":"NCCT","date":"May 27, 2018","format":false,"excerpt":"https:\/\/youtu.be\/i1oqaFyVcQ0 --The FBI wants you to reboot your router right now. FBI agents have gained control of a huge Russian botnet. If your router is affected you just need to reboot it. --Facebook and Russian ads - how should government react in the age of cyber warfare? --Amazon sells facial\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/i1oqaFyVcQ0\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":8270,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/05\/12\/security-breaches-cost-the-us-healthcare-system-6-billion-each-year\/","url_meta":{"origin":4643,"position":2},"title":"Security breaches cost the US healthcare system $6 billion each year","author":"NCCT","date":"May 12, 2015","format":false,"excerpt":"Cyber attacks targeting the US healthcare system now cost the country roughly $6 billion per year. The uptick is directly related to organized crime units shifting their attention from financial firms and large retailers to healthcare providers. According to a report from Bloomberg, attacks against healthcare providers have more than\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":7040,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/12\/04\/sony-pictures-hack-gets-uglier-north-korea-wont-deny-responsibility-updated\/","url_meta":{"origin":4643,"position":3},"title":"Sony Pictures hack gets uglier; North Korea won\u2019t deny responsibility [Updated]","author":"NCCT","date":"December 4, 2014","format":false,"excerpt":"More evidence has emerged that makes the Sony Pictures hack look similar to a suspected attack on South Korean companies over a year ago. And a spokesperson for the North Korean government, rather than denying his country\u2019s involvement, is playing coy as the damage to Sony appears to be growing\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":7030,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/12\/05\/iranian-hackers-have-been-targeting-critical-infrastructure-for-the-last-two-years-says-report\/","url_meta":{"origin":4643,"position":4},"title":"Iranian hackers have been targeting critical infrastructure for the last two years, says report","author":"NCCT","date":"December 5, 2014","format":false,"excerpt":"For the past two years, a Tehran, Iran-based hacker group has breached the computer networks of around 50 of the world's top energy, transport, and infrastructure companies, including 10 US-based firms According to cyber security firm Cylance, the campaign dubbed Operation Cleaver has so far only focused on intelligence gathering,\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":6848,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/11\/14\/chinese-hackers-suspected-in-usps-breach-data-on-every-employee-compromised\/","url_meta":{"origin":4643,"position":5},"title":"Chinese hackers suspected in USPS breach, data on every employee compromised","author":"NCCT","date":"November 14, 2014","format":false,"excerpt":"The FBI is investigating a data breach at the U.S. Postal Service in which employees\u2019 personal data may have been compromised. Every person on staff with the Postal Service, from the Postmaster General down to letter carriers, was exposed according to a report from the Washington Post. Sources familiar with\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/4643","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/comments?post=4643"}],"version-history":[{"count":0,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/4643\/revisions"}],"wp:attachment":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/media?parent=4643"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/categories?post=4643"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/tags?post=4643"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}