There are many different ways in which Hackers can attack POS systems today.
My personal belief is you want to store as little Personal Information outside the Perimeter as possible.
And even with that Data you want to get as much as possible back to Higher Ground(Where Data is defended better with more levels of protection);Quickly.
Oh yeah and you wanna patch as soon as a vulnerability arises in the wild(after sufficent tests) and not wait forever to patch which is typical of Vendors like Oracle,Adobe and Apple today.
Like I stated earlier, the POS companies can set their perimeter defenses to prevent egress of this sort of information from leaving their networks, the hack would be successful but the payoff would be zero and the log of the denied data would include the ip address of the machine collecting the card info giving law enforcement a chance to disrupt the crooks. One such intrusion prevention device that does this is made by Tippingpoint, but Cisco and Bluecoat have similar functions, they just require more work to configure it to work that way
It's too bad the bad guys are set on taking other people's money. Technological innovation should be for the good not evil. Paying only with cash might be an option except in the event of fire or home invasion.
I'm sure you have. But this differs from those in a couple of very subtle but devious ways. This is not a hardware device placed on the machine to capture info. It is software that is remotely installed and the user has no way to detect it's presence.
there's really no hope for credit card user in this instance. By the time the user finds out that the POS system was infected his credit information has already been stolen. Also there is some information coming out that Dexter is related to zeus and that little malware it's a known entity with volumes written about how to detect it. There are some configuration settings in certain intrusion prevention systems and firewall devices that could be set to prevent point-of-sale servers and devices from sending the payload up to the firewall. Just a little logic for those in need.
True. Security is an on-going, never-ending task because technology is always moving forward, changing, and evolving. Hackers and other malicious users will always try to find a loophole or write virus and malware to hack the system. IT people cannot afford to take a break when their enemies are as numerous and active as these.
The ThinkerNet does not reflect the views of TechWeb. The ThinkerNet is an informal means of communication to members and visitors of the Internet Evolution site. Individual authors are chosen by Internet Evolution to blog. Neither Internet Evolution nor TechWeb assume responsibility for comments, claims, or opinions made by authors and ThinkerNet bloggers. They are no substitute for your own research and should not be relied upon for trading or any other purpose.
Social networking sites and search engines continue to hone the tools they use to help advertisers spread their messages, measure results, and avoid fraud.
The US National Security Agency learned the hard way that it can be dangerous to give a contractor too much money and access, with too little scrutiny. The NSA and other government agencies hire tens of thousands of contractors
a year to analyze data. Edward Snowden -- who revealed himself as the NSA leaker after fleeing the country -- was one such contractor, reportedly holding a $122,000 salaried position at Booz Allen Hamilton at the time of his departure.
Big-data and analytics tools enable marketers to understand customers as individuals, identifying unmet needs and addressing each customer as a "segment of one," says John Kennedy, VP corporate marketing, IBM.
New York's Metropolitan Transit Authority is conducting a pilot test of digital kiosks to guide subway users to where they want to go more efficiently and at lower cost.
The whole Amazon.reader debate is a double-stupid. It's stupid to think that there's any e-book buyer who doesn't know Amazon's URL, and it was stupider to let ICANN launch the whole free-form TLD initiative to start with.
While NFC's original goal was to enhance mobile commerce applications, it is finding its way into a number of other uses, which is creating both opportunity as well as challenges for IT departments.
Enterprises would like to move to cloud computing but are hesitant because they are concerned about providers’ ability to secure company data. Here are some tips that help to ensure that if breaches occur, the business is not left holding the bag.
Edmunds separates customers into segments based on the info it collects on its site and from partners, and uses that to push out custom content, said Brian Baron, director of business analytics for Edmunds.com, at Predictive Analytics Innovation Summit.
The IBM Smarter Commerce Global Summit in Monaco kicked into high gear today, and we've already begun to see news emerging from that lovely city-state by the sea.
Expert Integrated Systems: Changing the Experience & Economics of IT In this e-book, we take an in-depth look at these expert integrated systems -- what they are, how they work, and how they have the potential to help CIOs achieve dramatic savings while restoring IT's role as business innovator. READ THIS eBOOK
your weekly update of news, analysis, and
opinion from Internet Evolution - FREE! REGISTER HERE
Wanted! Site Moderators Internet Evolution is looking for a handful of readers to help moderate the message boards on our site – as well as engaging in high-IQ conversation with the industry mavens on our thinkerNet blogosphere. The job comes with various perks, bags of kudos, and GIANT bragging rights. Interested?
To save this item to your list of favorite Internet Evolution content so you can find it later in your Profile page, click the "Save It" button next to the item.
