Backoff malware attacks hit 'more than 1,000 big businesses', warns US government

A Point-of-Sale malware attack that struck shipping outfit UPS has compromised the networks of a "significant" number of major businesses in the US, according to the country's Homeland Security office. The US administration's Computer Emergency Readiness Team (CERT) advised administrators and operators of PoS systems to …

  1. Anonymous Coward

    I thought

    POS stood for something else.

    1. Mark 85 Silver badge

      Re: I thought

      In this case, I think it's the same thing.

  2. Anonymous Coward

    So this works because:

    1) Windows is being used to run POS systems

    2) The security is lax allowing any old software to be installed

    3) The POS terminals apparently can connect to the internet.

    Can I just ask Why?????

    1. jonathanb Silver badge

      I can answer question 3. They connect to the internet to contact the bank in order to complete the transaction, and to record details of the sale in the head office inventory and accounting systems.

      1. Anonymous Coward

        But surely that would be all routed through a secure proxy - what seems to have happened here is that the POS system terminal has carte blanche to connect to the internet and to connect to any site that it wants... Didn't ANYONE even consider that this was a very stupid thing to do?

        1. ecofeco Silver badge

          Most likely their security was out of date. Seen that FAR too many times.

    2. ecofeco Silver badge

      Why?

      I can answer all three:

      -Not just Windows, but Windows XP in most cases

      -Again, Windows XP

      -POS terminals are using the Internet as a remote repair back door

      Lovely, innit?

  3. Tree

    Why not use Windows Hate?

    Malware could never find anything because of jumping tiles in 8. Really, a simpler OS is likely safer. Just write them in DRDOS and have a hardware firewall.

  4. shovelDriver

    Why the SS Wants To Know

    Secret Service: If you've been infected, let us know. Even if you were successful at defeating the attack, let us know. That way we can aid the NSA - and its sub-division, the GCHQ - in modifying target lists and procedures.
