WK8 Midterm Research Project_Privacy, Security, Hacks, and Leaks

1.) The top 5 biggest threats to restaurants are hackers, POS malware, ransomware, inside threats and Wi-Fi security.

When it comes to hackers, these highly skilled computer experts use their knowledge to exploit or break into connected devices and computer systems. They target restaurants due to the abundance of poorly secured systems. Once they find a vulnerability and get into the network, they go after the POS systems. Because a POS only does the simple job of processing transactions, a user would not see the typical alarm bells of a desktop computer hack, such as ransomware messages or degraded performance.

POS malware is quite simple: sometimes malware discreetly slips by antivirus programs and then stealthily extracts payment data, despite the presence of traditional firewalls. From there, it can send the stolen data out slowly, making it look like normal traffic. Weeks or months could go by, and by then, who knows how many customer credit cards have been breached?
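One way to catch the slow, normal-looking transfers described above is to review where each POS terminal sends data over several days. This is an added example, not part of the original essay; the flow records, host names and allowlist entries are constructed, and the allowlist assumes a terminal only needs its payment processor and its vendor's update host.

```python
from collections import defaultdict

# Constructed sample: (day, POS terminal, destination, bytes sent). All names are made up.
FLOWS = (
    [(d, "pos-01", "gateway.processor.example", 48_000) for d in range(1, 6)]
    + [(d, "pos-01", "203.0.113.50", 900) for d in range(1, 6)]   # small, but every day
    + [(2, "pos-02", "198.51.100.7", 1_200)]                      # one-off
)

# Assumption: a POS terminal only needs its payment processor and its vendor's update host.
ALLOWED_DESTINATIONS = {"gateway.processor.example", "updates.posvendor.example"}


def review_pos_egress(flows, allowed, min_days=3):
    """List POS traffic to destinations outside the allowlist.

    Volume per day is deliberately not the trigger: slow exfiltration stays
    small per transfer, so persistence across days is what raises severity.
    """
    stats = defaultdict(lambda: {"days": set(), "bytes": 0})
    for day, host, dest, sent in flows:
        if dest in allowed:
            continue
        stats[(host, dest)]["days"].add(day)
        stats[(host, dest)]["bytes"] += sent

    findings = []
    for (host, dest), seen in sorted(stats.items(), key=lambda kv: kv[0]):
        findings.append({
            "host": host,
            "dest": dest,
            "days_seen": len(seen["days"]),
            "total_bytes": seen["bytes"],
            "severity": "high" if len(seen["days"]) >= min_days else "review",
        })
    return findings


if __name__ == "__main__":
    for finding in review_pos_egress(FLOWS, ALLOWED_DESTINATIONS):
        print(finding)
```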

Ransomware is an interesting one. Imagine logging into your back-office system only to be greeted with a frozen screen. You cannot access your files and then see a ransomware message: “Pay $15,000 to access encrypted files.” There’s nothing that can be done at that point. Ransomware prevents users from accessing their system until a ransom is paid to get a decryption key of some kind. Ransomware attacks are difficult to track down, and there is almost no way of getting around them.

Whether it’s an honest mistake or a disgruntled employee, inside threats account for about 50 percent of all security incidents. An inside threat can range from someone intentionally installing malicious software to accidentally opening an email that they believed was the real deal only to find out that they have compromised their entire network. It’s nearly impossible to stop this from occurring, but with the right managed security in place, it can be thwarted or caught before real damage is done.

Securing your Wi-Fi with firewalls and ensuring cellular backup against downtime will protect cash flow, your own restaurant’s security, and patrons’ security. Having separate Wi-Fi access points for patrons versus the POS and business network is crucial. You can lose connection at any time, and lost connection means lost business. Having a backup cellular option in place is easy, affordable, and imperative, especially today. Many restaurant owners set up a firewall as a basic security measure and believe their networks will be sufficiently protected. In today’s cyber world, firewalls can’t just be set up and left to run on their own. While a network firewall is a fundamental security component, it must be actively monitored, managed, and updated to be effective. Even then, a managed firewall cannot defend against every threat. Attack and breach prevention requires a new approach, and many products and service providers simply do not have the ability to stop cybercriminals before they do legitimate damage.

Know yourself: Identify at least 5 digital processes, systems, and/or functions your company has in place. Importantly, address how those could be exploited or manipulated in order to gain access to valuable corporate or customer data.

The five processes my company has in place are VPNs, firewalls, encrypted passwords, secured Wi-Fi networks and backup cellular options.

VPNs can be manipulated by hackers who either break the encryption through known vulnerabilities or steal the key through unethical means. Hacking a VPN is far harder than just stealing the key. Because VPNs run very complex mathematical computations, cracking one would require powerful computers and up to years of work, which is why hackers try to just steal the key.

To put it simply, a firewall with DPI (deep packet inspection), an advanced method of examining and managing network traffic, inspects all of the data packets entering and leaving your network to check for malicious code, malware, and other network security threats. Encrypted injection attacks are usually delivered via phishing emails. To get around the firewall, attackers direct emails to specific targets within the network with the intention of tricking a user into accessing the email, which then gives them entry. Alternatively, they can attack public IP addresses found on a server to update their C&C (command and control) systems.

When it comes to hacking passwords, we must understand how passwords work in the first place. When you make a password, it’s obviously best to make one that you will remember. However, making a password you will remember and making one that is secure are two different things that must coincide for a secure experience. Most people, when creating a password, don’t consider how safe that password might actually be. Some use the traditional “123456” or “password”, but that’s exactly how hackers get you. One of the most common ways of hacking passwords is a technique called password spraying, which attempts to use a list of commonly used passwords against a user account name, such as 123456, password123, 1qaz2wsx, letmein, batman and others. Once we have established a secure password, we must then encrypt it. Not all passwords are encrypted. Encryption uses an algorithm to scramble, or encrypt, data and then uses a key for the receiving party to unscramble, or decrypt, the information. Hackers can use advanced algorithms to counteract the encryption and extract the passwords.
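A defensive counterpart to the paragraph above, as an added example that is not part of the original essay: reject the commonly sprayed passwords at enrolment and store what remains safely. It swaps in a salted one-way hash (PBKDF2-HMAC-SHA256) for the reversible encryption the text mentions, which is the usual way stored passwords are protected; the function names and iteration count are assumptions of this example.

```python
import hashlib
import hmac
import os

# The commonly sprayed passwords named in the paragraph above.
COMMON_PASSWORDS = {"123456", "password", "password123", "1qaz2wsx", "letmein", "batman"}
ITERATIONS = 600_000  # PBKDF2-HMAC-SHA256 work factor; value chosen for this example


def is_sprayable(candidate):
    """True if the candidate is a listed password, ignoring case and a
    trailing run of digits or punctuation (so "Batman2024!" still matches)."""
    lowered = candidate.lower()
    return lowered in COMMON_PASSWORDS or lowered.rstrip("0123456789!@#$%.") in COMMON_PASSWORDS


def _derive(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def enrol_password(password):
    """Reject sprayable passwords; return (salt, digest) for storage otherwise."""
    if is_sprayable(password):
        raise ValueError("password is on the common-password list")
    salt = os.urandom(16)  # per-user salt, so equal passwords store differently
    return salt, _derive(password, salt)


def verify_password(password, salt, digest):
    """Constant-time comparison of the recomputed digest with the stored one."""
    return hmac.compare_digest(_derive(password, salt), digest)


if __name__ == "__main__":
    for attempt in ("Password123", "LetMeIn", "correct horse battery staple"):
        print(attempt, "-> rejected" if is_sprayable(attempt) else "-> accepted")
```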

Secured Wi-Fi networks are a must for anyone, not just organizations and businesses. When a Wi-Fi network is hacked, hackers can obtain your location, IP address and your internet traffic. With that information, hackers can exploit the users connected to your Wi-Fi network and steal their information as well. This information can be held for ransom or sold on the black market.

Cellular backup options can be harder to hack than Wi-Fi because of the vast array of firewalls that are in place, but when a cellular backup is hacked it is mostly because of software update issues and the company that is providing it. When it is hacked, the issues that follow are similar to those of a hacked Wi-Fi network.

Develop your strategy: As the chief technology executive, make 5 recommendations that your company should adopt to be more safe, secure, and reliable. Again, consider hardware, software, networks, and human policies and procedures. (e.g., appropriate use policy on corporate computers; firewall; SSL/web encryption; backup/retention)

Five recommendations I would make are to 1.) ensure that employees are trained in spotting phishing emails and understand the consequences of falling prey to them. 2.) Have the latest and most up-to-date software security methods so that the company is always ready to defend itself against malicious wrongdoers. 3.) Implement security protocols that protect customers from hackers by making sure we use VPNs in our networks and have separate network channels for company use and public use. 4.) Ensure that we have backup cellular options in case anything were to happen to our network. 5.) And finally, limit access to company computers to managers and supervisors so as to avoid in-house hacking issues.
