American companies that use credit card processing and merchant services are on high alert after a Russian hacking group breached the servers of various POS or point of sale systems.
The first victim of the breach was tech giant Oracle, which in mid-2016 acquired MICROS Systems, a major provider of POS solutions for the retail and hospitality industries.
Following the cyber-attack on Oracle MICROS, five more providers of cash registers reported being hacked by the same Russian crew.
The companies targeted by the hacking group have an important business aspect in common: they all offer cloud cash registers, which are advanced POS or point of sale systems integrated with functions such as employee scheduling, customer relationship management (CRM), credit card processing, marketing intelligence, merchant services, and more.
Security analysts who covered the aforementioned incidents explained that the Russian hackers were specifically looking for individual customer account records, which means that they were trying to get their hands on credit card data. A likely suspect has already been mentioned, the Carbanak Gang.
An initial security investigation indicates that Oracle became aware of the breach when it detected a malicious code in a few servers used by nearly 700 customers. The attack also included a help desk system used by Oracle to provide technical support to clients. This is very concerning because hackers could gain the ability of intercepting service tickets and spoofing support agents.
It is not unusual to see hacking crews such as the Carbanak Gang being suspected of pulling off major cyber heists. Internet security experts have been following this cybercrime group for a while; they believe that this group may be associated with the Bratva, which is the name insiders use to describe the Russian mafia.
It is interesting to note that one of the reasons major cyber-attacks come from Russia is that computer education has major support in public schools and state-funded universities. It is believed that the Russian government often recruits malicious hackers to work as cyber warfare agents.