FBI Warns Retailers on More Cyber Attacks

After the massive data breach in Target, the U.S Federal Bureau of Investigation (FBI) warned retailers to watch out for more cyber attacks.

"We believe POS malware crime will continue to grow over the near term, despite law enforcement and security firms' actions to mitigate it," said a confidential report by FBI, seen by Reuters.

Late last year, amidst the Christmas shopping season, Target's network has been compromised through the use of malware-infected point-of-sales (POS) systems. The data breach affected about 110 million shoppers of the retail company.

Aside from that incident, the FBI recorded a dozen cases more that used a similar approach from last year as well.

Now, many individuals and companies, like credit card and bank industry executives, have grown more concerned about the security when using credit/debit cards and dangers posed to payment card networks.

In the Jan. 17 report entitled Recent Cyber Intrusion Events Directed toward Retail Firms, the FBI shared some information about a malware that undermines POS systems. It also served as a warning to retailers to be more careful and keen in identifying unusual activities on their systems.

National Retail Foundation Vice President Tom Litchford said in a statement to Reuters, "Retailers have been and remain vigilant in their efforts to provide the highest level of security for their data systems in order to protect against malicious and criminal acts."

"As the criminal investigation continues and more information becomes available, you can be sure that the retail industry will be responsive and engaged to ensure this particular cyber-attack does not happen again."

The malicious software, called "RAM scraper," works in a simple way. When credit/debit cards are swiped upon purchase, details in the magnetic stripe were taken by the POS and transferred to the store's payment processing provider. Once details are moved to the computer's live memory, the RAM scraper will then extract them and save them.

This kind of malware is reportedly designed to be invisible to any anti-virus software on POS systems running on Windows software.

Meanwhile, Target has already released an advisory on the consumers that might have been affected by the security breach.