More commonly, hotels are reporting that point-of-sale (POS) systems are being compromised by malware. In July, Omni Hotels & Resorts issued a statement that POS systems had been breached, while just this month, HEI Hotels & Resorts announced it was investigating a POS hack that affected Hyatt, Marriott, and Starwood properties. In both cases, the breach seemed to have continued for several months before being detected.
According to Stephen Gates, chief research intelligence analyst at NSFOCUS, a security solutions provider, the key to minimizing breaches is to limit the time frame between infection and detection.
While hotel websites are vulnerable, Gates says they are easier to protect given advanced firewall protection. POS systems, on the other hand, require a different kind of approach.
“These POS devices are not necessarily Windows computers—many of them are running a skinny operating system, and there could be vulnerabilities in there. They might not be patched often,” he explains. “Having good detection—watching what kind of information is leaving those POS terminals and knowing where the information is going—is the big challenge.”
This challenge can be met with threat technology—a method more frequently being adopted by Fortune 500 companies to protect valued information.
“Threat intelligence can be used two-fold. It’s basically creating intelligence that provides insight into these bad, known IP addresses and URLs. Organizations today are learning to take advantage of threat intelligence not only to detect inbound malicious actors and their IP addresses, but also to help alarm on when devices in the network are obviously going to a malicious IP address or URL,” Gates explains.
By using threat intelligence, hoteliers are able to trace where information is coming from and going to, rather than needing to wait for customers to consistently report fraudulent charges before realizing there is a wider issue.
“The responsibility of the hotel chains out there is to shorten that time from infection to detection,” Gates says. “Most people don’t know what’s actually leaving the network. Threat intelligence makes next generation intrusion prevention technologies so much more effective, intelligent, and aware.”
