Point-of-Sale Attacks Leverage Weak Remote Security and Passwords - Blog - Duo Security - 0 views
-
Weak remote security and passwords contribute to 94 percent of point-of-sale (PoS) breaches
-
The report found that much of the food and beverage and hospitality compromises were due to the dependence on remote access software to remotely manage locations and payment systems.
-
But many times, remote access software were deployed with weak or default credentials, making them a prime target for criminals.
- ...4 more annotations...
-
In a report generated by Trustwave Global Security shows that about 94% of POS hacks are contributed by weak remote access. The hospitality industry seems to have taken the hardest hit. We know of the grueling schedules that come with working in our industry and how we all can't be there seven days a week. So when management are in the comfort of their relaxation area and remotely access the POS systems, they seem to be leaving the doors open for hackers to enter, as well. "In a breakdown of types of IT environments most frequently compromised, POS systems and assets were associated with 95 percent of breaches in the food and beverage industry" (Pham). One popular hospitality establishment that has reported a breach is the New York location of Eataly. The thought process behind why these hacks are happening has not been figured out yet, but the idea has been tossed around that it is because of the credentials used to remote access. The temporary solution is to create a double layer security system, also known as two-factor authentication. By doing it this way, you can log in using your credentials, but then have a second login that needs to be verified by way of sending codes and authentications to technologies that you would have in your possession (cell phones, emails, etc.) so no one else can access that information.