Us payment processors report that they are being targeted by hackers using BGP hijacking attacks. This is a complex method used by experienced groups as it requires both resources and knowledge to execute one directly.
BGP Hijacking Attacks Used Against US Payment Processors
One of the most heavily attacked companies over the last few years are the payment processors, particularly the ones located in the USA. The reason for this is that they operate the payment card transactions and work together both with the banks and the online merchants. Their security should be impenetrable however this has not warded off the potential intruders. Over the years attacks using the BGP hijacking method have increased.
BGP stands for Border Gateway Protocol and is the standard language that devices use when exchanging information about routing and reachability over large networks on the Internet. Such attacks require the use of malware DNS servers that return forged responses when accessing payment gateways, banks and online services. A dangerous feature of these responses is that they maximize the duration of attack by employing a cache with longer expiration. This means that even after a successful attack has been stopped the damage will continue for quite some time.
Successful attacks rely on the creation and setup of false servers that send the requests. The most common way is to set up the required machines based on infected hosts — botnets of hijacked computers due to virus attacks. The hackers announce false information that practically confuses the network and disrupts the normal flow of information. The network traffic is forwarded to a hacker-controlled server which can lead to very successful phishing attacks.
The first major attack was reported by Oracle on July 6, an Indonesian (Read more...)
*** This is a Security Bloggers Network syndicated blog from How to, Technology and PC Security Forum | SensorsTechForum.com authored by Martin Beltov. Read the original post at: https://sensorstechforum.com/hackers-target-us-payment-processors-via-bgp-hijacking-attacks/