Though businesses are taking cyber defense precautions, threats can remain.
Businesses are becoming increasingly well-versed in preventative cybersecurity methods, but companies still encounter remaining vulnerabilities. Though many companies have built stable cyber defense networks by identifying critical assets requiring unique protections and applying appropriate solutions, even small vulnerabilities can compromise a robust cyber defense system. Proactive protection against the unexpected and unforeseeable is critical, which is exactly what we learned in the wake of restaurant giant Landry Inc.’s hack, announced Dec. 31, 2019.
The Landry’s Hack
Landry’s installed end-to-end encryption technology on all Landry’s-owned restaurant point-of-sale (POS) terminals in 2016. Despite the cybersecurity measures taken for the POS terminals, waitstaff mistakenly completed transactions for kitchen and bar orders on unprotected order-entry system devices. The malware that Landry’s discovered in its systems in December appeared to be searching for track data, which includes the information encoded within the magnetic stripe on the back of a credit card. Because of the end-to-end encryption system protecting POS terminals in Landry’s 600+ locations worldwide, the malware was unable to access the data of payment cards swiped correctly on the protected terminals.
Landry’s cyber defense system was working correctly; however, because the order-entry system devices were unprotected, the malware could potentially access all track data from the order-entry system, including cardholder name, card number, expiration date and internal verification code. Landry’s reported that such incidents were rare, but even one breach can have a significant (even irreparable) impact on a business’s finances and reputation.
Companies can bolster their cyber defense systems with several precautions:
1. Protect All Network Components
In the Landry’s attack, point-of-sale terminals were fully protected with end-to-end encryption that successfully defended customers’ card data. The order-entry system devices, however, had none of the same protections. Because the different devices making up Landry’s cyber defense network had their own vulnerabilities, the gap in protection became a vulnerability to Landry’s entire cyber defense strategy. A clustered cyber defense solution aggregating all devices behind an Armored Cloaked Network could be quickly scaled to provide preventative protection no matter each device’s relative level of vulnerability.
2. Train Employees in Cyber Defense
Though Landry’s waitstaff knew how to use the protected POS terminals securely, some members of the waitstaff did not know to avoid the order-entry systems. Providing recurring, comprehensive cyber defense training to all employees can help ensure that your business stays secure. Choosing a prevention-based approach to cyber defense that builds on existing security systems can help employees adjust to cyber defense procedures as well. This defense-in-depth approach also mitigates the risk of human error because data is only transmitted in secure, encrypted tunnels between pre-authorized devices.
3. Strengthen Network Segmentation
The initial malware installation likely did not come from the order-entry systems; however, without network segmentation, nothing prevented the malware in Landry’s network from gaining access to payment card data in the order-entry systems. The POS terminals did have a level of isolation, as none were breached by malware. Had Landry’s entire network been segmented into isolated subnetworks, however, the malware would have been contained far sooner, and customer card data from the order-entry devices might not have been compromised. In particular, Vericlave’s Armored Cloaked Network was specifically designed to prevent unauthorized access or extraction of data from protected networks.
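As an added illustration of the segmentation point above (example code, not from Landry’s or Vericlave), the following audit checks observed network flows against a per-segment allow-list and reports which segments are reachable from outside themselves. The subnets, ports and flow records are constructed assumptions.

```python
import ipaddress

# Constructed segment plan (assumption): one subnet per device class.
SEGMENTS = {
    "pos": ipaddress.ip_network("10.20.1.0/24"),
    "order_entry": ipaddress.ip_network("10.20.2.0/24"),
    "back_office": ipaddress.ip_network("10.20.3.0/24"),
}
# The only cross-segment flows permitted: (source segment, destination segment, port).
ALLOWED = {
    ("order_entry", "back_office", 8443),  # order tickets to a kitchen/bar server
    ("pos", "back_office", 443),
}
# Constructed flow records: (source IP, destination IP, destination port).
FLOWS = [
    ("10.20.2.15", "10.20.3.5", 8443),   # allow-listed
    ("10.20.1.7", "10.20.3.5", 443),     # allow-listed
    ("10.20.3.40", "10.20.2.15", 445),   # back office reaching an order-entry device
    ("10.20.2.15", "10.20.2.16", 445),   # stays inside one segment
    ("192.0.2.50", "10.20.2.15", 3389),  # unmapped host reaching an order-entry device
]

def segment_of(addr):
    """Map an IP address to its segment name, or 'unknown' if unmapped."""
    ip = ipaddress.ip_address(addr)
    for name, net in SEGMENTS.items():
        if ip in net:
            return name
    return "unknown"

def audit(flows):
    """Return flows that cross a segment boundary without an allow-list entry."""
    violations = []
    for src, dst, port in flows:
        s, d = segment_of(src), segment_of(dst)
        if s == d and s != "unknown":
            continue  # traffic inside one known segment is out of scope here
        if (s, d, port) not in ALLOWED:
            violations.append((src, dst, port, s, d))
    return violations

def exposed_segments(violations):
    """Segments that received at least one unapproved cross-segment flow."""
    return sorted({d for *_, d in violations})

if __name__ == "__main__":
    found = audit(FLOWS)
    for src, dst, port, s, d in found:
        print(f"unapproved {s} -> {d}: {src} -> {dst}:{port}")
    print("exposed segments:", exposed_segments(found))
```

Any segment listed as exposed is one where a compromised host elsewhere on the network could reach devices that handle card data.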
Landry’s launched an investigation into the breach with a leading cybersecurity firm, eventually removing the malware and providing additional training to waitstaff. But the lesson remains: even if businesses take all cybersecurity precautions possible, unexpected security events are bound to occur. Implementing a defense-in-depth approach with a preventative solution that acts as a protective overlay can mitigate accidental vulnerabilities in a business’s cyber defense before such vulnerabilities slip through the cracks.
Vericlave’s Armored Cloaked Network is a Layer 2 solution that provides a proactive approach to cyber defense for businesses nationwide. Concealing and isolating networks from hackers prevents unknown vulnerabilities from becoming critical issues. Schedule a demo today to learn how we can help guard your business even in the face of unforeseen cybersecurity complications.