Credit Card Thieves Hitting Smaller Prey
This was a great piece on SearchSecurity.com this week about how credit card thieves are targeting small merchants and their point-of-sale (POS) systems. The article cited a study by Trustwave, a major PCI consultant based in Chicago.
This shouldn't come as any great surprise. Unlike larger companies, small businesses often don't have the resources, let alone a dedicated IT security staff, to pay attention to every detail of the PCI requirements. Attackers know this, targeting more vulnerable small fries rather than big guys with stronger IT security defenses.
But what was interesting was that Trustwave found that many small businesses use third-party vendors to set up their POS systems. These systems aren't configured securely, often with default passwords -- commonly known by hackers -- still in place.
To add insult to injury, it isn't difficult for attackers to find exposed POS systems with simple port scans.
This shouldn't come as any great surprise. Unlike larger companies, small businesses often don't have the resources, let alone a dedicated IT security staff, to pay attention to every detail of the PCI requirements. Attackers know this, targeting more vulnerable small fries rather than big guys with stronger IT security defenses.
But what was interesting was that Trustwave found that many small businesses use third-party vendors to set up their POS systems. These systems aren't configured securely, often with default passwords -- commonly known by hackers -- still in place.
To add insult to injury, it isn't difficult for attackers to find exposed POS systems with simple port scans.
posted by The IT Security Guy at 9:49 AM
1 Comments:
This is an amazing blog that is related to POS Solutions that many small businesses use third-party vendors to set up their POS Systems. These systems aren't configured securely, often with default passwords commonly known as hackers.
Post a Comment
<< Home