Two news stories kept cybersecurity in the spotlight this week – the discovery of new point-of-sale malware, and a new survey that revealed almost 90% of IT executives fear their companies are unprepared for data incursions.

The Chicago-based information security company Trustwave uncovered a POS memory-scraper malware dubbed “Cherry Picker.” Trustwave is currently analyzing one case of Cherry Picker, which has been undetected by antivirus systems and security companies since 2011. It has targeted the food and beverage industry, but Trustwave warned any business with a POS application processing credit card numbers is at risk.

Similar to how a cherry picker positions himself to make an easy goal in a basketball or soccer game, the malware scouts an infected system and pinpoints exactly which processes to target in order to successfully steal credit card information.

“The configuration specifies a target process that it expects to be loaded in,” Eric Merritt, security researcher for Trustwave, wrote in a blog post. “If the parent process does not match the name specified by this field, the malware will exit.”

The malware can also steal privileged credentials, allowing criminals remote access to a customer's network – something that has become a trend in the cybercrime space.

Cherry Picker uses configuration files, encryption, obfuscation and command line arguments to stay away from companies' radars, giving the maware a very low detection rate. Trustwave also learned the malware has consistently improved and morphed into three slightly different variations since 2011, making it even more difficult to detect.

In a 2014 report, security vendor Symantec identified POS malware as one of cybercriminals' most commonly used methods for stealing payment card data. Criminals utilized POS malware under the radar since 2005 or earlier, but when massive data breaches occurred in 2013 and 2014, compromising more than 100 million payment cards, the full magnitude of the problem became apparent, Symantec said. The increasing accessibility of fairly cheap, ready-to-use POS malware kits has only worsened the threat.

Meanwhile, a survey of IT security professionals from the Needham, Mass.-based security firm Promisec found endpoint security solutions continue to lag, failing to provide protections or detections adequate enough to mitigate security threats.

A majority of IT executives surveyed also indicated a heightened fear of a security breach in the coming year and acknowledged a rapidly shifting security landscape, which now includes endpoint security.

An alarming 89% of IT executives have a heightened fear of a breach taking place over the next year, while 74% of respondents said traditional anti-virus defenses no longer address advanced, targeted threats.

The survey also found 82% are either “highly” or “moderately” concerned about a potential security breach in the next year, while only 31% say they are “well prepared” for a cyber-attack. A majority of respondents (73%) consider endpoints – such as desktops, laptops and mobile devices – to be the “most vulnerable” part of a network. And, in spite of a significant concern for potential data breaches and the value of endpoint security, most companies' defenses are inadequate.

“Results from our survey indicate that for many companies, endpoints remain highly vulnerable to a cyber-attack as threat levels continue to rise,” Dan Ross, CEO of Promisec, said. “We continue to see a new breed of more complex and sophisticated threats, where traditional blocking and prevention mechanisms, such as firewall, anti-virus and anti-malware software, are no longer enough to keep our networks safe.”

Complete your profile to continue reading and get FREE access to CUTimes.com, part of your ALM digital membership.

Your access to unlimited CUTimes.com content isn’t changing.
Once you are an ALM digital member, you’ll receive:

  • Breaking credit union news and analysis, on-site and via our newsletters and custom alerts
  • Weekly Shared Accounts podcast featuring exclusive interviews with industry leaders
  • Educational webcasts, white papers, and ebooks from industry thought leaders
  • Critical coverage of the commercial real estate and financial advisory markets on our other ALM sites, GlobeSt.com and ThinkAdvisor.com
NOT FOR REPRINT

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.

Roy Urrico

Roy W. Urrico specializes in articles about financial technology and services for Credit Union Times, as well as ghostwriting, copywriting, and case studies. Also: writer/editor of a semi-annual newsletter for Association for Financial Technology since 1997 and history projects funded by the U.S Interior Department, National Park Service and Warren County (N.Y.).