What do Subway, Zaxby’s and Wendy’s have in common? They are the latest victims of a hackfest, with thousands of stores in various parts of the country vulnerable to malware attacks. Credit and debit card customers are targeted at the POS stations of the restaurants. In some cases, the malware was detected and blocked, but not until a lot of money was rerouted to the hackers. In the case of Subway, it was discovered that the remote hacking was Romanian. In 2012, Verizon did a study of the food industry, discovering that 54 percent of data breaches occurred in that industry. Subway, for instance, was the Romanian-originated target, with 146,000 customers ripped off from 2009 to 2011. Malware is the most insidious and prevalent tech news to hit the food industry.
What is Malware?
Malware is a shortened term meaning malicious software. This software is downloaded onto a computer totally without the knowledge of the computer’s owner. It comes in the form of worms, viruses, ransomware and other types of evil. What actually began as a prank suddenly has become a very lucrative adventure for its programmers. It can be installed on any computer at any time, due to the code being programmed into perfectly normal things like advertising. The software integrates itself into the operating system or OS of the computer, and then it steals sensitive information. The owner never knows what hit him.
What about These Restaurants?
Zaxby’s is a chicken-based franchise in the South, having begun in Statesboro, Georgia. In 2013, it was discovered that malicious software was present in the POS systems of several of its locations. Its credit card processing agents noticed the malware, shut it down and alerted the proper authorities. While the processing agents couldn’t be sure information was actually stolen, they thought better safe than sorry. Additional safeguards were put into place, and the restaurants offered its customers free credit reports for a time, so they could keep an eye on their financial well-being.
However, in 2016, Wendy’s discovered that it had been hit between October of 2015 to February of 2016. Again, payment processors noticed unusual activity and notified the franchise owners. Wendy’s, too, offered protection to the customers of the stores that had been hit during the months they had been hit. No one has released the amounts of money concerned, like Neiman Marcus and Target did, but the fact remains that these cyber attacks can hit anyone at any time.
But I’m Not a Franchise Owner
Unfortunately, that doesn’t matter to a criminal. Even the smallest of coffee shops, tea rooms or juice bars use computers, digital devices for ordering or WiFi for their own use and/or their customers. Small businesses especially need digital devices to help keep track of inventory, food costs, labor and the like. Most have a website with which to draw customers. Many use some type of online advertising. Obviously, these things are necessary to remain in business. So if it has an IP address, it is vulnerable to attack.
What’s the Answer?
Vigilance is the answer. Small business owners, even if they don’t know much about how computers work, can still stop cyber criminals in their tracks with a few basic steps:
Make sure you have a firewall, that it is a strong one such as Zone Alarm and that you have good virus protection such as McAfee or Norton If managers work from home or IT people maintain your systems, change the password at least once a week if not each couple days. Do not use default codes, because cyber criminals know them all. Make sure a VPN or virtual private network is in place with strong passwords Separate your POS data from all other digital information. For example, set your WiFi, security devices, ordering devices and such on a different pathway Update your POS system. Payment card information should be encrypted as the cards are swiped, with no information being temporarily stored in a server that could be vulnerable to attack. Make sure your POS system complies with PCI standards Update your software regularly. New software is constantly being produced that checks for vulnerability and eliminates nooks and crannies cyber criminals can use to squeeze into your system Scan your network constantly. If you don’t know what to look for, for a small yearly fee, outside companies will keep an eye on your network and let you know if there are weak spots cyber criminals can use to gain access. Think of this expense as going to the doctor for a checkup twice a year. It beats the alternative, yes? We make an ordering system that helps restaurants order, prepare and deliver food in a timely manner. We, too, are concerned about cyber criminal activity and hope these tips help keep your establishment safe from hackfests.