The Cyber Attacks Of Poseidon - 1992 Words

Abstract This paper will go over the malware known as PoSeidon, malicious code that is meant to steal both credit and debit card information by infecting point-of-sale (PoS) machines in various stores. This paper will also go over how the attack was performed and how the code affected the target devices. We will also take a look at possible ways that this kind of attack could have been prevented. Background PoSeidon is malware that is aimed at exploiting PoS machines to illegally obtain customers’ debit card and credit card information. The two biggest victims of PoSeidon have been Target, who was attacked in 2013 and lost information of up to 110 million customers (Alaimo, 2015), and Home Depot in 2014 that lost up to 56 million records (Krebs, 2014). This malware is a serious threat to every business that uses POS machines to conduct business. PoSeidon attacks a part of the POS machine that many people did not recognize was a potential vulnerability. According to Lucian Constantin, the PoSeidon malware used a method called â€Å"memory scraping†, which scanned the Random Access Memory (RAM) for credit and debit card information that was not encrypted. With the information sitting on the RAM of the PoS machine unencrypted, it was wide open to an attack that put millions of customers’ information at risk. Although RAM only stores the information for a limited amoun t of time until that space is needed for another task, the information can stay on the RAM long enough for the