The Case of the Stockpiled Credit Cards


  1. © 2016 SecurityMetrics. The Case of the Stockpiled Credit Cards. Forensic Files Series.
  2. BUSINESS BACKGROUND: A man buys a small deli as an investment. All finances are in order, and the deli has a good reputation.
  3. BUSINESS BACKGROUND: 3 months later, the bank informs the new owner that 9 years of deli customers’ credit cards have been compromised.
  4. HOW HACKERS GOT IN: The attacker hacked into the deli’s point-of-sale system and installed a keylogger to capture customer credit card information as cards were swiped.
  5. WHAT IS A KEYLOGGER? A keylogger is malware that secretly records every keystroke a user makes on a computer or mobile device. In this way, malware authors can easily harvest typed information such as passwords or credit card numbers.
  6. HOW HACKERS GOT IN: The keylogger ran for a few days, capturing hundreds of credit cards.
  7. HOW HACKERS GOT IN: To the hacker’s delight, he found that the point-of-sale system recorded all credit card information and stored it in transaction logs. He had no more use for the keylogger, so he deleted it.
  8. HOW HACKERS GOT IN: The file of stored transaction logs contained every credit card used at the deli since it opened, 9 years earlier.
  9. WHAT THE BUSINESS DID WRONG: Although the payment application was technically PCI compliant, it was installed in a non-PCI compliant manner.
  10. PAYMENT APPLICATIONS MUST BE PCI COMPLIANT: For a payment application to be deemed PCI compliant, it must comply with the list of protections known as the PA-DSS (Payment Application Data Security Standard).
  11. www.securitymetrics.com | Wenlock Free, VP of Strategic Partnerships, wfree@securitymetrics.com
