Security researchers have identified a vulnerability in point-of-sale (POS) terminals used by a large number of major chains, and exploited it to buy a MacBook for one dollar …
TNW reports that ERPScan researchers Dmitry Chastuhin and Vladimir Egorov found the hack scarily easy to carry out. The key to it is that point-of-sale terminals developed by SAP and Oracle have no encryption or authorization procedures to prevent the price database being modified from within the store’s own network.
The attack does require physical access to the network, but as they demonstrated, many stores make this ridiculously easy. They found Ethernet ports on unused tills, weighing machines and just generally scattered around the store.
“The connections between POS workstation and the store server […] [often] lack the basics of cybersecurity – authorization procedures and encryption – and nobody cares about it. So, once an attacker is in the network, he or she gains full control of the system.”
All they needed to do was program a $25 Raspberry Pi to access the backend system for the POS and make the price adjustment. In this case, they changed the price of a MacBook to just $1.
They do note that real-life attacks would have to be a little more subtle. Even the most jaded of till operators would likely realize that an Apple laptop shouldn’t be costing a dollar. But if an attacker were to be a little more modest in their price reductions, and buy a bunch of other stuff at the same time, it could easily pass unnoticed.
They advised Oracle and SAP of their findings, and SAP issued two security patches to block the attack. Check out the demo in the (badly-acted) video below.