In the past few months, several top hotel chains have reported malware breaches in their payment systems. In October 2015, the payment card system used by Donald Trump’s was infected with malware, possibly resulting in the theft of patron credit cards. November and December saw a continued trend with three more international hotel chains reporting malware detection in their payment systems.
The Wall Street Journal reported notable similarities between the variants detected in all these incidents. According to NBC, the malware was lurking in one of the hotel’s network for a 17-week period, meaning that any guests who paid with debit or credit cards in that time frame are at risk.
PCI-DSS Compliance
With the ever-growing use of online payment gateways, it has become mandatory for businesses to abide by the Payment Card Industry Data Security Standard (PCI-DSS). Especially for service-based industries. Breaches in payment processing and point of sale systems can negatively impact a brand’s trustworthiness.
The last thing a guest at a hotel wants to hear is that their credit card information was stolen, especially if it has been weeks or even months since they visited. With malware variants getting sneakier and more sophisticated than they ever have been before, it’s not entirely possible to avoid getting targeted, or breached for that matter. Therefore, a key topic of discussion following such an incident will always be how it could have been avoided.
Tackling undetected malware
While there are multiple solutions to tackle such situations using the ‘detect & resolve’ approach, there is always a possibility of new/ unknown threats getting past such solutions. In this case, the malware remained undetected for weeks. So one key challenge is tackling undetected/ dormant threats before they actually cause problems.
Reboot to restore software has been widely used for this purpose. A daily maintenance schedule set using reboot to restore solutions, can easily ensure clean, malware-free systems in such environments, without any manual intervention. Even undetected intrusions including memory-scraping malware and other intrusions are wiped out with just a simple reboot.
Cloud-based solutions such as Faronics Deep Freeze Cloud have the added benefit of making it possible to manage systems across multiple locations,while automating maintenance activities using a central console.
To learn more about how a cloud-based reboot to restore solution can automate computer maintenance, and make it easier for system administrators to providing a secure user experience along with liability-free systems, contact Faronics today.