Recent breaches that have impacted more than 350 MAPCO Express locations indicate convenience store chains are increasingly becoming prime retail targets for cybercrime activity.
The growing threat of breaches for convenience stores should come as no surprise. The constant stream of customers frequenting these establishments presents increased incentive for cybercriminals to expose in-store vulnerabilities.
Cybercriminals believe store owners have too much on their plates to protect every onsite network entryway within individual locations. Each standalone store has its own individual network computing device and one or more in-store access points that cybercriminals can exploit.
One franchisee’s security oversight can lead cybercriminals directly to the central network, giving them the ability to compromise an entire company’s infrastructure while gaining free rein over critical data.
Here are the most common physical vulnerabilities within convenience stores and how cybercriminals are taking advantage:
- Wardriving — Wardriving is the act of driving by a nearby store to gain remote wireless access to its network. Using a laptop, tablet or smartphone, cybercriminals can easily check for a wireless signal. Once a strong signal is detected, they can use it to breach the store’s network, bypassing even strong encryption to gain access to critical data.
- Unauthorized server room & hardware access — Oftentimes, physical hardware is stored onsite at franchise locations. To gain physical access to the technology, cybercriminals may come to the store dressed as technicians or employees of local internet providers. This guise allows them to sidestep unsuspecting employees. Once they gain access to the server, they likely have access to all information in the retailer’s network. Even if the physical server room is secure, cybercriminals can still gain access remotely if there is inefficient network security monitoring.
- Compromising point-of-sale, ATM card readers & HVAC systems — Cybercriminals can use point-of-sale (POS) scanners to enter an organization’s network. By scanning their own malicious code onto a POS computer, they can capture payment information from credit and debit cards in virtually real time. Cybercriminals can also gain external access to a network by obtaining credentials from a third-party vendor, like an HVAC provider or maintenance team, who may be surveying the store’s conditions (e.g., temperature) on a daily basis and are plugged into the store network.
- Exploiting wall outlets & ethernet ports as network gateways — In-store wall outlets and ethernet ports can also be used by cybercriminals to plug in hidden hardware devices, giving them direct, remote access to the network. These outlets often go unnoticed as an area of concern for security vulnerabilities.
- Vulnerable web browsers & USB ports — Web browsers like Internet Explorer have been known to be exploited with malicious code that comes through the system from seemingly harmless HTML documents. Stores that make browsers available to employees or customers may be giving cybercriminals network entryways through which to execute their code. USB sticks that have been reprogrammed to spoof various other device types can be inserted into USB ports found in back-room computers and even customer photo-printing kiosks. These can take control of a computer, exfiltrate data or spy on the user.
Stay Ahead of the Threats
With the increasing threat of a breach, it's alarming how many retailers are not putting the support and resources needed into advancing their data breach readiness. A recent study from the Ponemon Institute found that 42 percent of companies have experienced a data breach in the past year, a 10-percent increase from the previous year. Despite this rise, 27 percent of companies didn’t have a data breach response plan or team in place.
The first step to improving a store’s network security is getting educated on potential entryways cybercriminals can easily access. By viewing physical and virtual vulnerabilities through the eyes of a hacker, convenience stores are better able to strengthen the security surrounding each vulnerability.
Another way to get smart on overall security posture is to hire a contractor or information technology staff to conduct a security audit. This will provide insight into the threat landscape for all potential vulnerabilities in your network — in-store, as well as those from employees or ex-employees. If a retailer is unsure of how its security is set up, chances are there are more areas for intrusion than it might think.
Employees are often the first line of defense when protecting a network, so educating them on data breach readiness and training them not to divulge information or allow entry (e.g., telling customers about issues with POS systems or allowing unscheduled maintenance personnel to fix the wireless signal) will make it harder for cybercriminals to get in. Training should include how to monitor the unexpected entry points cybercriminals use and how to report suspicious activity to the correct authorities.
Editor's note: The opinions expressed in this column are the author's and do not necessarily reflect the views of Convenience Store News.