In February 2016, the Verizon security team, after identifying an alarming trend of confirmed data breaches within the past three months, issued an alert regarding an elevated threat level affecting payment systems within the hospitality industry. The RISK team dispatched an advisory identifying threat indicators so that organizations can be better prepared to address warning signs that, left unchecked, could result in damaging, costly breaches. Other industries, including the healthcare industry, can learn from these findings before they fall victim to similar attack patterns.
The most common attributes of these breaches include the following: the primary target for stolen assets was guests’ payment data, which were taken from hospitality franchisees’ compromised systems; the cybercriminals hail from Eastern Europe; they were able to retrieve the data by installing and running software, creating files and directories, and scheduling tasks that enabled, for example, data transfer; and RAM-scraping malware was the common tool used in most of the breaches.
Preventative countermeasures include establishing a baseline and visibility, improving access control, implementing network segmentation, increasing scrutiny of third parties, and planning and testing incident response.