Following the news about Wendy’s breach 3x scope previously reported, Brad Bussie, Director of Product Management, STEALTHbits commented below.
Brad Bussie, Director of Product Management at STEALTHbits:
“Based on the information coming out of Wendy’s, a different and difficult strategy should be considered. What they have shown over the past six months is that the scope of the malware infection is still unknown. They have a moving malware target that has grown from 300 locations, to five percent of locations, and now 1000 locations. When a company can no longer trust its end point servers operating globally, drastic actions may be in order. The most logical thing to do in this instance is to invest in protecting your brand and deploy new servers to all Wendy’s locations. The damage the malware has caused and will continue to cause can’t be assigned a simple monetary value. The reputation of Wendy’s is at stake and the quickest and most controlled way to eradicate the hack is to decommission the current stores infrastructure. This approach will need precise orchestration as none of the existing systems can be allowed to talk to the newly deployed systems. Laser focus is required to make sure the new servers are deployed with the latest protection, including blocking internet browsing, disallowing the use of removable devices, and tightly controlling store administrative access. Wendy’s depends heavily on ranching and farming. To borrow an analogy from crop growing, when the breadth and depth of an infestation is unknown, it makes the most sense to burn your fields, till the earth, and start over.”
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.