45 Percent of PoS Malware Attacks Involve Small Business, Security Firm Says





It’s supposed to be the holiday season, but for a lot of businesses, the third quarter of 2015 looked more like the Apocalypse as the Black Atlas, a malware which steals payment card data, made its vicious attack across the United States.

However, cyber security experts have issued a warning that it is not just U.S. retailers who are at risk of security breaches but also those around the world.

According to Trend Micro, the malware has been around since 2015 with its operators using the shotgun attack, a process where they checked available ports as their point of entry, thus attacking multiple targets simultaneously all over the world. Although almost everyone has been advised to be vigilant, experts warned that small- and medium-sized businesses are the most prone since they don’t have the sophisticated security tools used by large companies.

Businesses under attack could lose customer trust, suffer litigation, a decline in market value, and long-term reputation and brand damage. Credit card users, on the other hand, could lose their credit card standing and suffer financial loss.



How to Protect Your Business from PoS Malware?

PoS malware is evolving; therefore, companies and businesses must be as vigilant in protecting themselves and their customers by using integrated data protection. On the other hand, banks should issue chip and PIN cards, which is more effective than magnetic strips.

Experts also recommend a two-point security strategy to strengthen your protection against PoS malware attacks. This strategy employs the use of a multi-layered security solution and application whitelisting strategy.



A multi-layered security solution allows you to control user data while providing enterprise-wide visibility for your company. This solution can provide your business with various layers of security, such as:

  • Endpoint Application Listing – It prevents the execution of unknown and unwanted applications using application whitelisting technology.

  • Vulnerability Protection – This feature protects your endpoints until security patches are applied.

  • Deep Security – Protects any kinds of vulnerabilities that exist in your web application or operating system.

  • Endpoint Protection – This makes sure that your endpoints are secured against malware threat and data theft.



  • Deep Discovery – It keeps all the data within the network safe by detecting and analyzing any advanced threats.

Aside from a multi-layered protection, adding application white-listing to your security solution is a must. Application whitelisting is a computer application practice that stops any unauthorized programs from running, thus protecting your system from any harmful applications.

By using this, you are achieving three things in your security system:

  • You manage risks by protecting your system from endpoint attacks. It has been reported that 43 percent of companies in the European Union alone have prevented targeted attacks using application whitelisting.



  • You can enforce your IT policies. Statistics has shown that 79 percent of companies and organizations have users who can change applications controls to get hold of restricted information. By activating application whitelisting, you are alsi implementing security’s best practices, such as disallowing remote access and limiting internal access to the physical PoS device.

  • You effectively manage employee productivity. You can easily monitor your employee’s productivity and performance without worrying about security breach. When you allow the much needed freedom to your employees, they have become a part of that 60 percent who are satisfied with their jobs resulting in higher productivity levels.


Cyber Attack Graphic via Shutterstock

2 Comments ▼


Jonha Richman


Jonha Richman Jonha Richman is a Staff Writer for Small Business Trends covering apps, ecommerce and new business models. Jonha invests through her private investment fund, JJ Richman. The firm's latest investments have been focused on real estate, equities, bonds, commodities, emerging technologies (such as AI, big data) and various other globally diversified assets.

2 Reactions

  1. Aira Bongco

    It’s the holidays so it is not that surprising that they will be active. This is the perfect time to steal data for there will be more buyers disclosing their credit card information. Scary but not that surprising.

  1. Pingback:

    Malware: Quali sono i punti deboli per le PMI

Leave a Reply

Your email address will not be published. Required fields are marked *

*