Another Day, Another PoS Hack. What Makes the Micros Incident Different?

By on Aug 09, 2016

Motivated by money, cybercriminals are always chasing where it goes. That greed has now led them to where transactions are most concentrated: point-of-sales systems. These types of attacks have been prominent in the news lately, with the cases of Wendy’s and Omni Hotels. But today, we have news of criminals going one step further—infiltrating Oracle’s technology that powers many companies’ point-of-sales (PoS) systems: the Micros PoS system.

The effects of this attack could be quite largescale. That’s because most businesses don’t create their own infrastructure for credit card payments, opting instead to buy products for handling those transactions from a technology company. So top vendors, such as Oracle’s Micros, can service up to hundreds of thousands of PoS systems. Those numbers are sure to draw the attention of cybercriminals.

According to Brian Krebs’ report, after their interest was piqued, crooks began this particular attack at Oracle’s customer support portal. At the portal login, the organized cybercrime ring inserted malicious code, allowing them to steal the usernames and passwords of business accounts. With that information, perpetrators can gain remote access and manipulate PoS systems around the world.

That’s certainly not a good situation, but there is a silver lining. People’s payment data is not at risk—there’s no need to worry about attackers having your credit card numbers. As Oracle explained via email, “payment card data is encrypted both at rest and in transit in the Micros hosted customer environments.”

What is at stake, however, is not yet clear. The vulnerability was very recently discovered, and investigators are still mapping out the full implications. Oracle has asked its Micros customers to change their passwords, but we’re still waiting to see what follows. In the meantime, this incident should remind everyone to be careful with their financial data.

Here are some security tips for all of us, to keep our financials on lockdown:

  • Be suspicious of dubious transactions. Beware of devices that criminals sneakily place onto card readers. Some ATMs, for example, can be at risk due to attached “skimmers.” Although this Oracle incident was different in nature, most point-of-sale attacks are attempts at stealing consumer payment information.
  • Check your statements and contact for help. Taking a regular look at your bank statements and activity isn’t just sound accounting, it’s also a security matter. The Oracle attack’s perpetrators gained the ability to edit stores’ sales records, which may affect you if you turn up in a victimized store’s customer list. Regardless of this ability, there is a myriad of ways cybercriminals can get your card data. Look out for unusual behavior in your accounts, so you can report it.
  • Watch out for malware. These days, many sales happen online. Cybercriminals can put up false webpages for people to enter their card information. Keep an eye out for the official URL, and make use of a comprehensive security solution like McAfee LiveSafe™.

And, of course, stay on top of the latest consumer and mobile security threats by following me and @McAfee on Twitter, and ‘Like’ us on Facebook.


About the Author

Gary Davis

Gary Davis was previously McAfee's Consumer Security Evangelist providing security education and advice to businesses and consumers. He is a sought-after speaker on trends in digital security, appearing at conferences and events, as well as security and consumer lifestyle broadcast outlets and publications such as ABC, NBC, FOX, the Wall Street Journal, USA Today, Money ...

Read more posts from Gary Davis

Subscribe to McAfee Securing Tomorrow Blogs