[ISN] Processor Warns of Hacking Trend

From: InfoSec News <alerts_at_private>
Date: Tue, 1 May 2012 00:09:08 -0500 (CDT)

By Tracy Kitten
Bank Info Security
April 30, 2012

Over the past year, First Data, the largest payments processor in the 
U.S., has seen an uptick in "trolling" - hackers sniffing networks for 
remote access into point-of-sale systems that are open or loosely 

The targets: Smaller merchants, those categorized by Visa as Level 4. 
These merchants process fewer than 1 million transactions per year and 
account for 32 percent of Visa's U.S. transactions. They also are 
largely non-compliant with the Payment Card Industry Data Security 

The risk, says John Graham, vice president of global information 
assurance and risk at First Data Corp., is that because these smaller 
merchants are not PCI compliant, they are vulnerable to breaches of 
credit and debit card data. "Over the last 12 months or so, trolling has 
really become prevalent," Graham says.

So, too, have breaches. Erik Rasmussen, a special agent within the Cyber 
Intelligence Section of the U.S. Secret Service's Criminal Investigative 
Division, says most card fraud incidents today stem from POS hacks. "The 
No.1 way criminals are getting in is through remote access to the 
backhouse server," Rasmussen said during a recent RSA Conference 


LayerOne Security Conference
May 26-27, Clarion Hotel, Anaheim, CA
Received on Mon Apr 30 2012 - 22:09:08 PDT

This archive was generated by hypermail 2.2.0 : Mon Apr 30 2012 - 22:05:48 PDT