Brian Krebs reported that credit and debit card payments giant Verifone is investigating a breach of its internal computer networks that appears to have impacted a number of companies running its point-of-sale solutions. Verifone says the extent of the breach was limited to its corporate network and that its payment services network was not impacted. IT security experts from Varonis, Imperva, VASCO, Balabit and CipherCloud commented below.
Brian Vecci, Technical Evangelist at Varonis:
“Much like the EU will mandate strict controls with GDPR for how EU citizen data needs to be treated, organisations should have clear policies for their vendors for how potentially sensitive information is treated once it’s in their hands. Every company needs their own GDPR-like policy for their own data. Vendors and other partners should be able to demonstrate security by design, regular risk assessments and effective detective and preventive controls on that data. The ones that do will have a clear competitive advantage now and especially in the future.”
Itsik Mantin, Director of Security Research at Imperva:
“Little information is available about the incident, but despite of Verifone clearing siren for the payment system remaining intact, there are many ways an infection can propagate from the enterprise network to the payment system.
“Whether or not it happened depends on many factors, one of the most important ones is how much time had passed from the breach to its discovery. From what we know, breaches remain undiscovered for weeks, months and sometimes even years when, during this period, attackers can collect sensitive data and record users credentials without interference. Then a single user that uses the same or similar password to access both the enterprise network and the payment system can be the bridge for the attacker to travel between the systems.
“With cyber criminals becoming more and more sophisticated and creative, they will continue finding their way in and we will continue hearing about breaches exposed. The challenge for organisations today is, even when losing some battles, keep winning the war. Security officers should operate under the assumption that the attackers are already inside their systems, looking for ways to deepen their grasp and crawling searching for business-critical data.”
John Gunn, CMO at VASCO Data Security:
.
Péter Gyöngyösi, Blindspotter Product Manager at Balabit:
Willy Leichter, VP of Marketing at CipherCloud:
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.