You can now read 5 articles in a month for free on Read as much as you want anywhere and anytime for just 99¢.

Cyberattack that hit Target a widespread threat to consumers

The cyberattack that affected Target Stores shoppers is much more pervasive than previously reported.

Associated Press/File

The cyberattack that affected Target Stores shoppers is much more pervasive than previously reported.

More than 1,000 US businesses have been affected by the cyberattack that hit the in-store cash register systems at Target, Supervalu, and most recently UPS Stores.

The attacks are much more pervasive than previously reported, and hackers are pilfering the data of millions of payment cards from US consumers without companies knowing about it, according to a new Department of Homeland Security advisory released Friday afternoon.

Continue reading below

On July 31, Homeland Security along with the Secret Service, the National Cybersecurity and Communications Integration Center, and their partners in the security industry, warned companies to check their in-store cash register systems for malware, which security experts dubbed “Backoff” after a word that appeared in its code. Until that point, Backoff malware and variations of it were undetectable by antivirus products.

Since then, seven companies that sell and manage in-store cash register systems confirmed to government officials that they each have had multiple clients affected. Some, like UPS and Supervalu, have stepped forward, but the vast majority have not.

Altogether, the Secret Service estimates that more than 1,000 US businesses have been affected.

According to the Secret Service, criminals are actively scanning corporate systems for remote access opportunities — a vendor with remote access to a company’s systems or employees with the ability to work remotely — and then deploying computers to high-speed guess usernames and passwords until they’ve hit the right combination.

The hackers use those footholds to crawl through corporate networks until they gain access to the cash register systems. From there, criminals are scraping payment card data off the cash register systems and sending it back, through various hop points, to their servers abroad.

Millions of American consumers’ payment card details are being sold on the black market, many of them from US companies that do not know their systems have been breached.

Unless companies search for Backoff on their systems, it can be difficult to identify. The agency recommends companies contact their service providers, antivirus vendors, and cash register system vendor to assess whether they’ve been compromised or are vulnerable to attack.

he Secret Service and Homeland Security recommended in a July 31 advisory that companies limit the number of vendors with access to their internal network; require long, complex passwords that cannot easily be cracked by a computer, and lock employees and vendors out of their accounts after multiple login requests.

The agencies recommended that companies segregate crucial systems, like cash registers, from corporate networks and install so-called two-factor authentication, which is a method that forces employees to enter a second, one-time password in addition to their usual credentials.

Loading comments...
Want each day's news headlines delivered fresh to your
inbox every morning? Just connect with us
in one of the following ways:
Please enter a valid email will never post anything without asking.
Privacy Policy
Subscriber Log In

You have reached the limit of 5 free articles in a month

Stay informed with unlimited access to Boston’s trusted news source.

  • High-quality journalism from the region’s largest newsroom
  • Convenient access across all of your devices
  • Today’s Headlines daily newsletter
  • Subscriber-only access to exclusive offers, events, contests, eBooks, and more
  • Less than 25¢ a week
Marketing image of
Marketing image of