'Backoff' malware illustrates growing data security headaches in supply chains

     

Cybersecurity continues to be a major issue all along the supply chain - and the reality is, the problems it can cause are only going to get murkier in terms of responsibility. As newer, more powerful strains of malware quickly worm through a point of access and hit components all along a network, it's difficult to determine where culpability lies. It's hard to figure out how to fix issues, and harder still to develop an end-to-end solution that reduces vulnerabilities and prevents problems. Of course, it's not helpful when companies point fingers. But as businesses grow more exasperated and the number of compromised enterprises - and customers - continues to mount, it's important to prioritize solutions.

Recently, the Secret Service announced that a strain of malware called "Backoff" had infected the point-of-sale systems at more than 1,000 businesses across the U.S. The advisory came after several POS system vendors stated that they had multiple clients affected by the malware, which was first detected in October 2013 but not targeted by antivirus software until earlier this August. As Forbes contributor James Lyne wrote, the Backoff malware is what's known as a RAM scraper, which means that it combs through the system, looking for credit card data. When it finds it, it sends the information to cybercriminals. Since POS systems are obviously potential hotbeds of credit card data, it's little surprise hackers are going after them. And the way they get this information is often from poor password hygiene or lackluster administration tools. Because so many different agents - from the vendor to the company to its workers - are involved in the purchase, installation, utilization and maintenance of tools like POS systems, the result is a lengthy chain of command that could cause problems for the health of the overall stakeholder system.

What does this mean for the supply chain?
In many cases, the POS systems are used by a franchise or some other organization loosely associated with the parent company. This can create a nebulous gray area where assumption of responsibility is concerned. As Dark Reading contributor Sara Peters reported, Dairy Queen, one business potentially affected by Backoff, stated that while it knew of no POS system breaches, it couldn't say with certainty that there were no compromises at any one of its thousands of locations. This lack of insight, coupled with invasions that may fly under the radar, spells double trouble for retail supply chains. 

So what can companies do? According to Lyne, retailers need a multi-pronged preventative approach.

"A combination of better configuration on the POS, network security defenses and tamper detection would have helped significantly in picking up these attacks," Lyne wrote. "Organizations should practice defense in depth layering up security controls, policies and procedures to avoid the basic mistakes that presently allow retailers to be compromised."

Such large-scale cybercrime efforts that need to be reported at the Secret Service level illustrate the difficult threat landscape in which today's businesses must operate. Businesses have to avail themselves of secure solutions, but they also need to ensure that the communication lines are open. All along the supply chain, every stakeholder must work together in order to ward off threats to financial integrity.
