Point of Sale the Next Big Target for Ransomware?

What is Ransomware?

Ransomware has been in the news a lot lately. Ransomware is malicious software that encrypts the data on a victim’s computer, making it inaccessible until a ransom is paid to the attacker. The success of these attacks means we are likely going to be seeing a lot more of it. One of the next targets is expected to be point-of-sale (POS) systems.

Why Ransomware?

Let’s first look at what makes ransomware more appealing. There are four key reasons why ransomware will continue to rise. First is its success. During 2017 there were several major attacks that gained mass media attention, including Petya, WannaCry, and Bad Rabbit. These attacks helped to prove the utility of ransomware for future attacks. Second, most people are familiar with, or have been a victim of, a data breach. A data breach is where a hacker gets into some entity, such as a business, and steals your data, such as credit card information. Large data breaches have also been in the news. The large amount of stolen credit card data is flooding the black market and driving down prices. This is making data breach attacks less valuable and so less appealing.

Next is time. Ransomware can see a payment in hours to days. A data breach might require months on a system to gather the information. Finally, POS systems often lack the proper security to prevent such an attack, making them an easy target.

How Would an Attack Happen on a Point of Sale System?

So what would a POS ransomware attack look like? An attack would likely make a POS system, or a network of POS systems, unresponsive or “freeze up.” Making a POS system useless is a tactic to get the ransom paid quickly by a panicking business owner. A secondary threat of permanent deletion of data or further extortion of the business owner is also expected. A hostile actor could display their demands on the screen of the POS, or the demand for payment, “or else,” could come in an email.


How Big of a Deal Are We Talking?

Although some ransomware attacks have fizzled, some have had major payouts for the hostile cyber actors. POS ransomware that is “done right” can result in a rapid profit for the hostile actors. The attacked business owner is going to be faced with a decision: pay a ransom or risk losing days or weeks of sales. Unfortunately, it is assessed that most small businesses would likely pay the ransom when faced with this decision.

How to Stay Safe

Make sure to protect yourself from this kind of attack. Deploying the latest cyber security defenses and actively monitoring your systems will go a long way toward keeping yourself or your business safe. Protocol 46 can help you with this and more. Check back on the Protocol 46 website for the latest updates or news of a ransomware POS attack when it happens.

Post by chromite