“May Day!,” Pt. I: Malware Security Alert for POS Devices

Happy May Day! In the U.S., it conjures up images of May Poles and spring love. In Europe, it’s marked with parades and marches, and is still something of a “worker’s holiday,” as it was here in the 19th Century. It was the original “Labor Day,” until the one we have now was created, so that American workers could have a day separate from what was perceived as the somewhat incendiary history of May 1st.

“May Day!” is also a cry of alarm — especially on the high seas. That’s probably not tied to either of the “Labor Days,” though, and likely comes from the French “M’Aidez!,” or “Help Me!”

These strands come together now that digits have replaced the printed broadsides of 19th-century labor organizing, and the nature of work is itself increasingly digitized, as is the nature of money, purchases, and transactions, as readers of this space know so well.

In that regard, we have a “May Day!” in the ships-in-distress sense, a warning to merchants everywhere about RawPOS Malware.

In fact, this point-of-sale malware has been implicated in previous breaches, like the one that affected Goodwill stores. Any users of Windows POS devices are especially at risk.

If you have a stand-alone terminal, like a Hypercom/Omni terminal, you may be in the clear. Still, the malware is said to be spreading at “alarming rates.”

Here are some initial steps to follow if you’re running a Windows POS device (using Windows 7 or Windows 8 — if you’re somehow still on XP, note that support will continue to be phased out).

* Whichever of the two recent Windows operating systems you’re using, make sure the OS is fully updated and patched.

* Make sure you’re also compliant with all PCI-DSS 3.0 security requirements. A link to a PDF for those requirements can be found right here, and is handy for your IT Department, if they need it.

* If a machine is used by multiple persons as the Point of Sale device, it should be limited to a single function as the POS Terminal. It should not also have “multiple functions” tying it unnecessarily to other networks, databases, etc.

* If multiple users and multiple functions on a device are unavoidable, it is even more critical that the extensive precautions listed in the PCI-DSS are taken with such devices.

We will have an overview of these precautions in the second part of our “May Day!” alert, next week!

In the meantime, with any questions about security, upgrades, or your own POS terminals, feel free to contact AVPS — especially before you head out on that May Day picnic!
