Ram Scraper Malware: Why PCI DSS Can't Fix Retail

  • 23 July 2014
  • 1 reply
  • 379 views

Userlevel 7
Badge +54
Brian Riley   7/23/2014
 
There is a gaping hole in the pre-eminent industry security standard aimed at protecting customers, credit card and personal data
 Target, Neiman Marcus, Michael’s, and possibly P.F. Chang’s all have one thing in common: They are recent victims of a type of malware called a RAM scraper that infects point of sale (POS) terminals. These data breaches occurred despite some, if not all, of these merchants complying with industry security standards.
In Target’s case, government analysts estimate the total financial impact could reach as high as $12.2 billion. And the fallout continues. Target’s CEO Gregg Steinhafel set a new precedent, marking the first time that the head of a major corporation resigned due to a data breach. Merchants clearly must go beyond merely complying with industry security standards to reduce their risk, especially in relation to POS terminal malware.
 


Image credit: Jay Reed on Flickr.
 
Full Article

1 reply

Userlevel 7
Interesting articles even though the company's are complying with the security standard this Malaware still bypasses and is able to infect. I have to admit never heard of this one before Ram Scraper.....whats next???

Reply