Charles Leaver – Visibility Of Point Of Sale Vulnerabilities Might Have Prevented Trump Hotel Breach

Written by Matthew Fullard, presented by Charles Leaver, CEO, Ziften

Trump Hotels Point-of-Sale Vulnerabilities Emphasize Need for Quicker Detection of Anomalous Activity

Trump Hotels suffered a cyber attack between May 19, 2014 and June 2, 2015. The attack used malware, which contaminated their front desk computer systems, POS systems, and restaurants. Nevertheless, in their own words, they declare that they “did not discover any proof that any client info was stolen from our systems.” While it’s comforting to learn that no proof was discovered, malware on a POS system is probably there to take information from the credit cards that are swiped or, increasingly, tapped, placed, or waved. A lack of evidence does not imply the absence of a crime, and to Trump Hotels’ credit, they have provided free credit monitoring services.

If you examine a Point of Sale (POS) environment as an administrator, one thing stands out: the systems seldom change, and the software is nearly homogeneous across the deployment. This presents both positives and negatives when securing such an environment. Software changes are slow to happen, require extensive testing, and are tough to roll out.

Nevertheless, because such an environment is so uniform, it is also much easier to recognize POS vulnerabilities when something changes.

At Ziften we monitor all executing binaries and network connections within an environment the second they happen. If a single POS system began to make new network connections or to run new software, regardless of intent, it would be flagged for additional review and examination. Ziften also gathers unlimited historical data from your environment. If you want to know what happened six to twelve months ago, that is not an issue. Dwell times and antivirus detection rates can be determined using our integrated threat feeds, together with our binary collection and submission technology. We also tell you which users executed which applications at what time throughout this historical record, so you can find your initial point of infection.
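The baseline-and-flag approach described above, sketched as an added example (not Ziften's code or product logic). The event tuples, host names, hash placeholders and the `BASELINE_END` cutoff are constructed for illustration, and the sketch assumes the fleet was clean during the baseline window.

```python
from collections import defaultdict
from datetime import datetime

# Constructed telemetry, not real data: (timestamp, host, user, kind, value).
# kind "exec" = binary hash (placeholder strings), "conn" = destination host:port.
EVENTS = [
    ("2024-01-05T08:00:00", "pos-01", "svc_pos", "exec", "hash-pos-app"),
    ("2024-01-05T08:00:05", "pos-01", "svc_pos", "conn", "payments.example.internal:443"),
    ("2024-01-06T08:00:00", "pos-02", "svc_pos", "exec", "hash-pos-app"),
    ("2024-01-06T08:00:05", "pos-02", "svc_pos", "conn", "payments.example.internal:443"),
    ("2024-01-07T08:00:00", "pos-03", "svc_pos", "exec", "hash-pos-app"),
    ("2024-02-10T03:12:00", "pos-02", "frontdesk2", "exec", "hash-unknown-1"),
    ("2024-02-10T03:13:00", "pos-02", "frontdesk2", "conn", "203.0.113.50:8080"),
    ("2024-02-11T08:00:00", "pos-01", "svc_pos", "exec", "hash-pos-app"),
    ("2024-02-20T04:00:00", "pos-03", "svc_pos", "exec", "hash-unknown-1"),
]
BASELINE_END = "2024-02-01T00:00:00"  # assumption: fleet was clean before this

def build_baseline(events, cutoff):
    """Treat every (kind, value) seen fleet-wide before the cutoff as known."""
    return {(kind, value) for ts, _h, _u, kind, value in events if ts < cutoff}

def find_anomalies(events, cutoff):
    """Flag executions/connections absent from the baseline and trace each to
    its earliest sighting (host, user, time) in the historical record."""
    baseline = build_baseline(events, cutoff)
    sightings = defaultdict(list)
    for ts, host, user, kind, value in events:
        # ISO-8601 strings in one format compare correctly as text.
        if ts >= cutoff and (kind, value) not in baseline:
            sightings[(kind, value)].append((ts, host, user))
    report = {}
    for key, seen in sightings.items():
        seen.sort()
        first_ts, first_host, first_user = seen[0]
        span = datetime.fromisoformat(seen[-1][0]) - datetime.fromisoformat(first_ts)
        report[key] = {
            "first_seen": first_ts,
            "first_host": first_host,
            "first_user": first_user,
            "hosts": sorted({host for _ts, host, _user in seen}),
            "days_observed": span.days,
        }
    return report

if __name__ == "__main__":
    for (kind, value), info in sorted(find_anomalies(EVENTS, BASELINE_END).items()):
        print(kind, value, info)
```

Because a POS fleet changes so rarely, the baseline set stays small and any entry in the report is worth an analyst's time; the `first_host` and `first_user` fields point at where to start the investigation.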

POS problems continue to plague the retail and hospitality industries, which is a pity given how relatively simple the environment is to monitor with detection and response.