How Can RAM Scrapers Be Used To Steal Your Company’s Data?

When you are dealing with cyber security you can almost have the same frame of mind as a general at war who is dealing with a smaller but versatile enemy.

You have to worry about and guard every vector that can be used for an attack.

The enemy only has to find one small crack in your infrastructure and they are able to do damage.

This may not seem like it is fair but it is the reality of the situation.

There are so many devices that are out now that can used against your network that it is almost too much to regulate.

RAM Scrapers

One of the new ways of attack that hackers have found, is that they can breach a system through the use of Ram Scrapers.

Ram scrappers is actually a name that Verizon came up with, to describe a popular attack that is now making the rounds.

It involves a piece of software that can be used to collect data.

The data that it uses comes from items with volatile memory.

Volatile memory is what most people would label Ram.

Hence the name Ram scrappers.

The way that Ram is supposed to work is that the data, when requested, is moved from the hard drive to Ram.

After it goes to Ram, it then follows the path and heads to the register.

After that it gets to the CPU.

Ram is supposed to erase all data after it has no more electricity flowing through it.

This helps solve the problem of old Ram sticks causing security breaches.

Intercepting Data En Route

The attackers have found a way to intercept the data that is going from the Ram to the registers.

This allows them to capture the data that they unencrypted.

There is a good reason why the hackers want the data that is coming out of the Ram of a device.

Especially the most targeted device, a POS system.

The letters POS stand for Point of Sale and are the computer systems used by retailers.

When you are able to get a Ram Scraper into one of these devices, you are then able to get the data that you need readable and unencrypted.

Hackers found the weak point and exploited it the best that they could.

It has now become a serious problem and more research is being done to figure out how to stop it.

The technique is used in more places than just a grocery store’s cash register.

It can be used in atm’s and casino machines as well.

This is just one of the many new attacks that a security professional has to be on the lookout for.

It is hard to keep constant vigilance against so many types of threats but for right now, it is the best that we can do.

About Lee Munson

Lee's non-technical background allows him to write about internet security in a clear way that is understandable to both IT professionals and people just like you who need simple answers to your security questions.


  1. […] This post was mentioned on Twitter by courtney benson, Lee. Lee said: How Can RAM Scrapers Be Used To Steal Your Company’s Data? […]

Speak Your Mind