Serving up Security: What Restaurants Need to Know about Breach Risks and Prevention
December 14, 2016
Sure, the headlines have been wrought with healthcare ransomware stories, election-centric email breaches, and massive retail hacks—but restaurants are becoming more vulnerable to data breaches as well and cannot remain complacent. Within the past year, there has been a number of hacking incidents in various restaurants across the U.S. that weren’t serving up proper security.
Back in December 2015, Landry's released a list of dozens of restaurants and other establishments where payment card data was stolen by hackers. Affected restaurant brands under the Landry’s umbrella include big names like Bubba Gump Shrimp Co., Salt Grass Steak House, Willie G's, McCormick & Schmick's, and Morton's.
That same month, 29 Elephant Bar restaurant locations were hammered with point-of-sale (POS) malware, affecting customers in California, Colorado, Arizona, Missouri, Nevada, New Mexico, and Florida. Cybercriminals installed malware on the company’s payment processing systems made to capture payment card data, such as cardholder name, payment card account number, card expiration date, and verification code….the perfect recipe for credit card fraud.
And just this summer, Cici’s pizza chain got a slice of the breach headline attention when POS malware made itself right at home on some of its locations’ systems. Not to mention a few other fast food restaurants—the list goes on.
Yes, these are big chains, but a single vulnerable location puts the entire restaurant brand at risk of reputation and revenue loss due to a data breach. Data networks are continuously under attack, and as such, it’s not a matter of if but when hackers will be able to penetrate a network.
Restaurants have various types of technology connected to the internet to make customers’ experiences easier, faster, and more enjoyable including POS systems, digital signage, Wi-Fi networks, and even tablets at some chains. The more devices a business uses; however, the more attack vectors are available to cybercriminals.
POS malware can strike in a number of ways. Simple phishing emails can prompt internal personnel to accidentally open malicious links and attachments, resulting in malware on the network and connected devices. It can also involve hackers spreading malicious code by breaching the remote-access services designed to maintain the payment processing systems. These remote-access services can be poorly configured with guessable passwords, enabling the hackers to break in and distribute the malware to hundreds or thousands of point-of-sale (POS) machines. It also doesn't help that the malware can be tricky to detect. Sometimes, it can sneak past antivirus programs and then stealthily extract payment data, despite the presence of traditional firewalls. Then it can send out the stolen data slowly, making it look like normal traffic. A few months will go by, and who knows how many credit cards will have been breached.
POS systems are not the only devices that should be tightly secured, however. Wi-Fi networks are just as vulnerable. White hat researchers have discovered that hackers can read keystrokes to potentially compromise cellphone and tablet users on public Wi-Fi networks.
Luckily, there are ways to help prevent these threats from wreaking havoc on your business. Restaurants must be armed with better tools and increased cyber intelligence to ward off and alert to these kinds of attacks. And for those that may have some of these tools on their 'toolbelt' already, they should consider finding companies to work with to enhance their monitoring of these tools. In either case, it is vitally important to have the ability to more closely watch the data that passes through a corporate network in order to have a better chance of preventing breaches from occurring in the first place, or at least minimizing the damage by stopping them sooner than later.
In today’s threat landscape, a typical firewall can no longer be set up once and run without consistent monitoring, tweaking, and ensuring the data coming from it was correlated with other systems. Some of these breaches may look like normal web traffic coming out of the firewall, and other attacks can even seem like legitimate DNS traffic, which may pass right by the typical unmanaged firewall. It takes a different approach to stop some of these advanced attacks, and many products and service providers simply do not have the ability to stop them before they do real damage.
Restaurants looking to protect themselves at the highest level should implement the following tools:
- File integrity monitoring (to tell you when files have changed that weren’t supposed to change)
- Unified threat management appliances (used to integrate security features such as firewall, gateway antivirus and intrusion detection)
- Security information and event management (used to centrally collect, store and analyze log data and other data from various systems to provide a single point of view from which to be alerted to potential issues)
- Next-generation endpoint security solutions (used to stop attacks on the endpoint computers and servers before they can wreak havoc on other systems)
These advanced tools should ideally be outsourced to a managed security firm that specializes in this type of service, which includes having expert threat researchers that are constantly looking for new activity that could point to a hacker trying to steal data from your systems.
Netsurion, for example, can take the hassle out of prevention measures with a full-service suite of offerings tailored to your cybersecurity needs, including PCI compliance regulations. For almost 30 years, we have been helping restaurant brands and businesses of all sizes manage and secure their network. Now, with the addition of advanced threat protection powered by EventTracker, Netsurion delivers managed endpoint threat detection to the restaurant industry. Whether you have one POS terminal or 1,000 locations with multiple POS terminals in each, Netsurion can help guard you from a breach, assist you in continued compliance, and ultimately protect your brand and bottom-line.
Let us help make this simpler for you. Get started here: http://www.netsurion.com/get-started.