The Secret Service believes that as many as 1,000 businesses have been affected by the same cyberattack that looted Target's cash register system for consumer credit card information, the Department of Homeland Security said in an advisory Friday afternoon.
Criminals carry out the attack by breaching into the businesses' networks and then leaving behind a malware, known as 'Backoff', on their point-of-sale systems. Whenever someone swipes a credit card, the malware records the information and sends it back to the hackers, who then go on to sell the information to criminals on the internet.
"There's a lot of retailers out there that have been compromised by this and they simply don't know it yet," said Ken Westin, a security analyst for Tripwire Inc., a Portland cybersecurity firm. Many businesses didn't have the tools and software to detect such cyberattacks until this month.
Just earlier this week, 50 locations of the UPS store were hit by the same attack, exposing more than 100,000 transactions.
The Department advised the businesses to get in touch with their antivirus providers, point-of-sale system vendors' information technology team and managed service provider team so they could make sure that they were not in danger of being infected with the malware.
Westin believes that the number of infected businesses should increase. He also believes that it is likely that hospitals and government bodies will also be attacked by hackers.
In order to avoid a heavy breach, Westin recommended that businesses separate their point-of-sale systems from the less sensitive parts of their networks and add software that can identify any alterations to the system.
Most importantly, organizations should be sure that everyone's credit card information is always encrypted.
"Never store credit cards unencrypted anywhere on the network," Westin said.
