Thursday, May 17, 2018
Hey, look! Another data breach. This time, Chili's was breached due to malware on the Point of Sale (POS) appliances.
“A breach is always bad news, but perhaps the silver lining here is how quickly the breach was discovered, and customers were notified. This gives hackers less time to exploit the stolen debit and credit cards and makes the breach less valuable to criminals,”
When something like this occurs, the question always seems to be "How did this happen?" Technology is only as good as its weakest link. Data breaches could happen because of social engineering, outdated or unpatched software, or malicious applications stealing data.
PCI DSS outlines security controls and procedures for handling payment card data. But why does something like PCI DSS exist? Because technology is complicated, and if it is not adequately maintained, reviewed, and audited, data breaches are inevitable.
We've built all these controls and procedures, but have we ever considered that the underlying technology is flawed? Our trust model is broken and should be replaced with something that ensures a deny-by-default, whitelist-only policy that is easy to set up.
Travis Smith, principal security researcher at Tripwire, says it best: “Using application whitelisting to prevent unknown programs from running is generally the best defense against malware such as the one used to steal credit card numbers from point of sale machines. The next best defense is a properly segmented network that isolates payment systems, allowing them to only communicate with critical locations on the internet. This will allow infected machines to prevent credit card data from leaving the company's systems.”
It's a good thing Tempered Networks provides solutions for doing just that. Our HIPservices are built to allow secure, trusted communications, with a view of which devices and things can communicate with each other that only you, the admin, can see. Had Chili's implemented Tempered Networks IDN micro-segmentation, the POS data exfiltration would not have happened.
Read more about how the Tempered Networks IDN solution can help at https://www.temperednetworks.com/solution/use-cases/PCI-networks