Change the default username (PCI DSS Requirement 2.1)To make it more difficult for a hacker to guess your username, don’t use the username for other non-sensitive systems or in any public forums. Further restricting outbound access to only authorized IP addresses would help prevent unauthorized information from leaving the restricted network. Segregate and restrict access to sensitive systems (PCI DSS Requirement 1.2)By identifying sensitive systems and isolating them on their own network zone, merchants can control what type of access is allowed into these zones and restrict remote access to only allow two-factor authentication. The following best practices, if implemented correctly, will reduce the risk of attacks. The PCI DSS is a multi-layered security framework that can correctly reduce merchant risk of compromise. Merchants who correctly implement PCI DSS security controls can reduce the risk of malware in their environment. Alternatively, by taking simple steps and encouraging a multi-layered approach to security, merchants can secure their organization against a potentially devastating compromise.
The best way to prevent such attacks is to discontinue remote access, but in today’s world, that’s not always a realistic option. These cracks allow hackers into merchant systems. Take a multi-layered approach to securityPOS malware succeeds when system vulnerabilities– cracks in the wall – are present.