“Backoff” is a form of malware that uses forms of remote desktop connections to gain access into POS machines. Once remote desktop access has been discovered, hackers attempt to brute force their way in to the machines.
There are several ways to protect systems from “Backoff”:
If a business must use remote desktop access, there should be settings in place to lockout a computer after a set time of inactivity. The number of users with access to a machine should also be limited. Each user that needs access to the machine must have individual usernames and passwords. The passwords must be complex and expire every 90 days. Universal guest or administrator accounts should be disabled, and a second form of authentication is also needed for any user with access to a machine with in the cardholder data environment (CDE). Connections should be encrypted and firewalls should be in place.
Omega protects customers systems in all of these ways. Individual users:
For business network security: only allowed ports, services, and IP addresses with specific business needs should be allowed to communicate through the firewall. CDE environments should be segregated from other business networks. Access control lists should be set up in router configurations that limit traffic to payment processing networks. Tools should be implemented to detect irregular network traffic and behavior by authorized users.
Omega protects networks by:
For maximum cash register and POS security, machines must be kept up to the latest patching levels, antivirus and antimalware software must be kept up to date, and intrusion detection systems must be used. Third party updates must be validated, users must perform checksum comparisons to ensure unauthorized files are not present, logs must be monitored and kept for events, systems should be reviewed for dormant or unknown users, and unnecessary ports must be disabled.
Omega ensures this protection for customers by:
For help on your organization’s data security needs, email pci@www.omegasecure.com or call 636-557-7777.