
Cisco offers advice on Target breach

Encrypt at the POS to avoid loss of credit/debit card data

In the wake of the Target and Neiman Marcus data breaches, Cisco suggests encryption at the point-of-sale terminal. In a blog post this week, Cisco's Threat Research Analysis & Communications (TRAC) team advises retailers on how they can detect future payment card compromises and shorten the remediation window for such attacks.

The TRAC team zeroes in on hardware encryption devices at the POS terminal. The payment card data attacks on Target and other retailers are possible because the POS payment system includes third-party software installed on the terminal, Cisco says.


The payment card data is susceptible to interception in memory before the encryption process and transmission across the network.

Attacks on point of sale (POS) terminals and payment card networks are the most efficient way for criminals to steal track data and (often) associated PINs in bulk.

The Cisco blog notes that this is compounded by American companies' continued use of magnetic stripe payment cards. Indeed, it states that the US remains one of the few first-world countries still gathering payments from magnetic stripe cards.

As use of these cards will likely continue, the Cisco blog asserts that attempting to profile memory scrapers from previous attacks, like the one that victimized Target, may be of little use, since they were modified or customized for the specific attack. They probably haven't been seen before.

So in addition to POS encryption, Cisco recommends NetFlow analytics and Lancope's StealthWatch Management Console on the POS terminal to generate alerts and indicators of compromise based on flow sessions and behavioral baselines. Cisco also recommends application and change process detection, and an approved list of compression tools.
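A minimal sketch of flow-based behavioral baselining for POS terminals, added here as an illustration; it is not code from Cisco, Lancope or StealthWatch and does not represent how those products work. The flow records, IP addresses, alert names and the three-sigma threshold are all constructed assumptions.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed flow records: (pos_terminal_ip, dst_ip, dst_port, bytes_sent)
BASELINE_FLOWS = [
    ("10.1.1.11", "10.1.9.5", 443, 4200), ("10.1.1.11", "10.1.9.5", 443, 3900),
    ("10.1.1.11", "10.1.9.5", 443, 4100), ("10.1.1.11", "10.1.9.5", 443, 4000),
    ("10.1.1.12", "10.1.9.5", 443, 3800), ("10.1.1.12", "10.1.9.5", 443, 4000),
    ("10.1.1.12", "10.1.9.5", 443, 4200),
]
OBSERVED_FLOWS = [
    ("10.1.1.11", "10.1.9.5", 443, 4100),      # matches baseline
    ("10.1.1.11", "10.1.4.20", 8080, 950000),  # unseen peer, bulk transfer
    ("10.1.1.12", "10.1.9.5", 443, 61000),     # known peer, abnormal volume
    ("10.1.1.13", "10.1.9.5", 443, 4000),      # terminal never profiled
]

def build_baseline(flows):
    """Per terminal: set of (dst, port) peers plus mean/stddev of bytes sent."""
    peers, volumes = defaultdict(set), defaultdict(list)
    for src, dst, port, nbytes in flows:
        peers[src].add((dst, port))
        volumes[src].append(nbytes)
    return {src: {"peers": peers[src], "mean": mean(volumes[src]),
                  "std": pstdev(volumes[src])} for src in peers}

def detect(flows, baseline, z_limit=3.0, min_std=1.0):
    """Return (terminal, reason, dst, port) alerts for flows outside the baseline."""
    alerts = []
    for src, dst, port, nbytes in flows:
        profile = baseline.get(src)
        if profile is None:
            alerts.append((src, "no-baseline", dst, port))
            continue
        if (dst, port) not in profile["peers"]:
            alerts.append((src, "new-peer", dst, port))
        # min_std keeps a perfectly flat baseline from alerting on one extra byte
        if nbytes > profile["mean"] + z_limit * max(profile["std"], min_std):
            alerts.append((src, "volume", dst, port))
    return alerts

if __name__ == "__main__":
    for alert in detect(OBSERVED_FLOWS, build_baseline(BASELINE_FLOWS)):
        print(alert)
```

Because POS terminals normally talk to a small, fixed set of peers, a per-terminal peer set and volume profile can flag customized malware that signature matching has never seen.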
