Payment Systems across Hotels hit with Malware Breaches

Payment Systems across Hotels hit with Malware Breaches

In the past few months, several top hotel chains have reported malware breaches in their payment systems. In October 2015, the payment card system used by Donald Trump’s was infected with malware, possibly resulting in the theft of patron credit cards. November and December saw a continued trend with three more international hotel chains reporting malware detection in their payment systems.

The Wall Street Journal reported notable similarities between the variants detected in all these incidents. According to NBC, the malware was lurking in one of the hotel’s network for a 17-week period, meaning that any guests who paid with debit or credit cards in that time frame are at risk.

PCI-DSS Compliance

With the ever-growing use of online payment gateways, it has become mandatory for businesses to abide by the Payment Card Industry Data Security Standard​ ​(PCI​-D​SS)​​.​ Especially for service-based industries. Breaches in payment processing and point of sale systems can negatively impact a brand’s trustworthiness.

The last thing a guest at a hotel wants to hear is that their credit card information was stolen, especially if it has been weeks or even months since they visited. With malware variants getting sneakier and more sophisticated than they ever have been before, it’s not entirely possible to avoid getting targeted, or breached for that matter. Therefore, a key topic of discussion following such an incident will always be how it could have been avoided.

Tackling undetected malware

While there are multiple solutions to tackle such situations using the ‘detect & resolve’ approach, there is always a possibility of new/ unknown threats getting past such solutions. In this case, the malware remained undetected for weeks. So one key challenge is tackling undetected/ dormant threats before they ​actually cause proble​ms.

Reboot​ to restore software​ has been widely used for this purpose.​​ A daily maintenance schedule set using reboot to restore solutions, can easily ensure clean, malware-free systems in such environments, without any manual intervention. Even undetected intrusions including memory-scraping malware and other intrusions are wiped out with just a simple reboot.

Cloud-based solutions such as Faronics Deep Freeze Cloud have the added benefit of making it possible to manage ​systems​ across multiple locations​,​while automating maintenance activities using  a central console.​

To learn more about how a cloud-ba​s​ed reboot to restore solution can​ automate computer maintenance​, and make it easier for system administrators to​ ​​​providing a secure user experience​ along with ​liability-free systems, contact Faronics today.

Matt Williams

A self-proclaimed ‘tech geek’, Matt has worked in technology for a decade and divides his time between blogging and working in IT. A huge New York Giants fan, when not watching football Matt gets his game on playing Call of Duty with his friends and other tech bloggers.