Travis Smith, senior security research engineer at cyber security firm Tripwire (www.tripwire.com), provided the following comments:
“All businesses which process credit cards are at risk of being targeted by cyber criminals. Most malware used to steal credit card data must both install the malicious code as well as send the stolen data to an Internet location owned by the attacker. Businesses which have point- of-sale machines should review their cyber security posture to limit the amount of change on these devices to reduce the risk of an infection. In the case of infection, Internet and other local area network traffic should also be reduced down to only the most critical amount necessary to operate their business. If a point-of-sale machine were to be infected, this would reduce the likelihood that the credit card data can be exfiltrated out to the attacker.
“We can’t attribute these credit card breaches to a single group without a more detailed forensic investigation. It’s entirely possible that these attacks were carried out by a criminal group only interested in the value of the credit card data. Since it’s known that Trump-owned entities are actively being targeted, copycat cyber criminals can take advantage of the noise surrounding other attacks to carry out their own.”
