Chuck Leaver – Point Of Sale Vulnerabilities Caused Trump Hotel Breach

Written By Matthew Fullard Presented By Chuck Leaver CEO Ziften

Trump Hotels Point-of-Sale Vulnerabilities Emphasize Need for Faster Detection of Anomalous Activity

Trump Hotels, suffered a data breach, between May 19th 2014 and June 2, 2015. The point of infection used was malware, and infected their front desk computers, point of sales systems, and restaurants. However, in their own words they declare that they “did not find any proof that any consumer information was stolen from our systems.” While it’s soothing to learn that no proof was discovered, if malware exists on point of sales systems it is most likely there to take details related to the charge cards that are swiped, or significantly tapped, inserted, or waved. An absence of proof does not imply the lack of crime, and to Trump Hotel’s credit, they have provided complimentary credit monitoring services. If one is to take a look at a Point of Sale (or POS) system however you’ll discover something in abundance as an administrator: They seldom alter, and software applications will be almost homogeneous throughout the implementation ecosystem. This can present both positives and negatives when thinking about protecting such an environment. Software application changes are slow to happen, need extensive testing, and are hard to roll out.

Nevertheless, due to the fact that such an environment is so homogeneous, it is also a lot easier to recognize Point of Sale vulnerabilities when something brand-new has altered.

At Ziften we monitor all executing binaries and network connections that happen within a community the second they take place. If a single POS system began to make new network connections, or started running brand-new software, regardless of its intent, it would be flagged for additional evaluation and examination. Ziften likewise collects endless historic data from your environment. If you need to know exactly what occurred 6 to 12 months back, this is not an issue. Now dwell times and AV detection rates can be measured using our incorporated threat feeds, in addition to our binary collection and submission technology. Likewise, we’ll inform you which users executed which applications at exactly what time throughout this historical record, so you can learn your preliminary point of infection.

POS problems continue to plague the retail and hospitality industries, which is a shame given the relatively simple environment to monitor with detection and response.

 

 

~leaverchuck1


No Responses Yet to “Chuck Leaver – Point Of Sale Vulnerabilities Caused Trump Hotel Breach”

Leave a Reply