Hackers attack over 20 hotels from various established brands

Following the news that hackers have attacked 20 hotels run by HEI Hotels and Resorts, including Hyatt, Marriott, Starwood and Intercontinental with a targeted malware, Ken Bechtel, malware research analyst, Tenable Network Security offered @DFMag the following comment;

“The latest string of point-of-sale (POS) malware attacks on retail and hospitality systems is indicative of the evolving threat environment. Mobile devices have become one of the largest growing threats for malware, and storing credit card data in various e-wallets, and in some cases apps, such as those used in fast service coffee shops, provides a lucrative target for profit-driven malware authors.

“However, we often forget that the consumer is at a distinct disadvantage when dealing with POS malware, as this threat is beyond their control. While card holders can help protect their accounts by watching for skimmers, keeping their card within sight while paying bills and checking credit card statements for fraudulent activity, once a POS system is compromised there is nothing the user can do to prevent the activity. It’s the responsibility of the organisation to detect anomalies in credit card transactions and then take ongoing steps to prevent and remediate potential malware threats.

“Unfortunately, many companies struggle to keep up on security due to staff shortages, or a lack of proper tools to look for and identify abnormal network activities that could indicate a new piece of malware on the network. Although one-hundred percent prevention is unrealistic, having complete visibility into the overall security posture will help organisations lessen the risk of exposure to customers and detect vulnerabilities earlier.”