Target cyber attack not isolated, warns FBI

cyber security

Target cyber attack not isolated, warns FBI

Warwick Ashford

The FBI has warned US retailers to prepare for further cyber attacks after linking the malware used in the recent attack on Target to 20 other attacks in 2013.

In December, the third largest retailer in the US was hit by malware planted on point-of-sale (POS) terminals that was designed to steal payment card information.


The attack was detected only after 19 days, resulting in the theft of 40 million credit and debit card records. The personal information of 70 million customers was also compromised.

In a report sent to US retailers, the FBI warned that POS malware crime will continue to grow over the near term, according to Reuters.

The report said the availability of relatively low-cost malware and the potentially huge profits to be made from POS systems made this type of cyber crime attractive to “a wide range of actors”.

The attack on Target is believed to be the latest in a series of attacks on retailers using memory-parsing malware or RAM scrapers.

The malware is designed to extract payment data from the POS device’s memory before it is encrypted and passed on to a retailer’s payment processing provider.

The FBI report said one variant of the POS malware, known as Alina, included an option that allowed remote upgrades, making it more difficult to identify and remove.

Security experts advised that retailers move quickly to bolster their ability to analyse traffic patterns on their networks in real time to identify any anomalous activity.

The FBI report said most retailers hit by POS malware are small to mid-sized businesses, which typically lack the financial and skills resources of their larger counterparts.

Security industry commentators have said the breach at Target should serve as a warning to UK retailers and their customers.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy