Dive Brief:
-
The “Backoff” malware that caused Target’s massive holiday time breach last year has affected more than 1,000 American businesses, according to a report by the Department of Homeland Security released Friday.
-
Since July 31, the Department of Homeland Security, the U.S. Secret Service, the National Cybersecurity and Communications Integration Center, and private security firms have been warning retailers to check for the Backoff code, which has been impervious to established anti-virus programs till now.
-
The advisory released Friday advises retailers to consult with security firms to look for the malware, which has led to increased reports of infection. UPS’s recent report that 51 stores had been compromised was just one.
Dive Insight:
The advice coming from U.S. agencies and private cyber-security firms about how retailers can shield themselves from this kind of hack — separating retail point-of-sale systems from vendor systems, limited the number of people or systems with access to servers, and making security codes complex — have been suggested protocols for a while now. Retailers are clearly even more vulnerable than first thought at the time of last year’s cybersecurity debacle.