This is a supply-chain attack, carried out against the software vendors who provide services to the cash registers found in stores

Illustration. BIGSTOCK / Copyright: Jose AS Reyes

The Israel National Cyber Directorate (INCD) issued a warning to retailers on Thursday, concerning attempts to execute ransomware attacks on smart cash registers’ software.

According to the warning, these are supply-chain attacks, being carried out against the software vendors who provide services to the cash registers found in stores.

In the attack method, a message which looks like a system message from the management appears on the register’s screen. Clicking on the message leads to the activation of the malware, which locks access and prevents the ability to operate the cash register.

The software vendors who identified the attack attempt warned their customers not to click on the message, thus managing to prevent some of the damage.

INCD’s recommendations for end users who use such a software as well as to companies that provide these services is to reset all passwords, refrain from clicking on suspicious messages, and verify adequate cyber protection, such as a secure connection and two-factor authentication.

No information has been provided as of yet regarding the actor behind the attacks, the goals or the extent of damage that has occurred or been prevented.

Attacks involving smart cash registers have become increasingly prevalent around the world in recent years. In July 2021, Swedish grocery chain Coop had to shut down most of its 800 stores across the county for several days as their cash registers’ software supplier was down – this, as part of the massive ransomware attack against US software provider Kaseya.

Back in in 2014, retail giant Kmart experienced a breach which lasted over a month, during which cash registers at 1,200 stores were infected with malware that compromised the numbers of credit and debit cards used on those registers.