Smaller SA retailers warned over Dexter malware
Following the recent spate of Dexter malware attacks to a number of point of sale (POS) systems in South Africa’s biggest fast food chains and restaurants, a security expert warns that smaller retailers may be the next target.
The security breach enabled cyber criminals to steal credit and debit card information from customers, costing local banks millions of rand.
Wayne Olsen, chief technology officer at SecureData Africa, which operates in the information security field, believes that industry claims infected systems are clean and that consumers have nothing to worry about are unfounded.
Olsen believes that now that the latest variant of this particular malware has been identified and cleaned off high-profile retailers, “it is the smaller retailers that will be the next and unfortunately often easy target. They should not under any circumstance be lulled into a false sense of security,” he said.
“Consumers should be concerned. It is a well known fact that over the festive season there is a marked increase in malware and virus attacks for financial reward. While the latest spate of malware attacks focused on larger retailers and chains, it is the smaller guys that should be the most concerned,” the expert said.
He warned that the latest anti-virus software is meaningless if the operating system it is sitting on is not up-to-date. In addition to regularly updating the anti-virus software, retailers need to ensure that the operating system on their POS terminal regularly has its patches updated.
Olsen said that WiFi networks pose another big threat. “Many POS terminals operate on the same WiFi network as that used by staff and customers. This means that anyone can infect or hack into it. Segmentation of the network is vital to ensuring a secure POS terminal.”
Also worrying for Olsen is the fact that many small retailers leave their POS terminals unattended. “Making the POS terminal easily accessible to the general public puts the business at huge risk. It is also not advisable to make the POS terminal available to staff for internet and email access,” he said.
Loading ...