Technology’s role in the dining industry is more powerful than ever. This is mostly a good thing, streamlining operations, increasing efficiency, and ultimately making it much easier to run a restaurant or bar. But with technology comes a disturbing modern problem: threats to cyber security.
The Threat of Cyber Theft
Credit and debit card theft is one of the earliest forms of cybercrime, and it continues to persist today. At the high crime levels, criminal hacking gangs organize and execute sophisticated cyber theft, often by accessing the online databases of major companies. Some of the biggest cyber thefts to date include:
TJX cyber theft—The parent company of discounted big-box retailers T.J. Maxx and Marshall’s was one of the first hit by major cyber theft. Roughly 45 million of its shoppers’ credit and debit card numbers were stolen. The hacker was caught and sentenced to 20 years in prison.
PlayStation Network and Sony Online system hack—In 2011, an unknown group of hackers stole 77 million gaming users’ account information, causing an estimated $1 to $2 billion worth of damage.
Target data breach—In 2013, the nationwide retail store’s online shop was compromised. Over 40 million customers’ information was stolen. The data breach cost Target $148 million in gross expenses.
Other retailers and food companies hit in 2013 and 2014:
- Benny’s Pizza
- Aaron Brothers
- UPS Stores
- Sally Beauty Supply
- Splash Car Wash
Most recently, burrito chain Chipotle was targeted. Between March 24 and April 18 of this year, Chipotle’s locations nationwide were targeted by malware that attacked their POS system. The malware infected cash registers and extracted information from the black strips on credit cards when they were swiped. Data on these track strips include the customer’s full name, card number, expiration date, and even the internal security code (the numbers found on the back of the card).
The number of customers who had their information stolen is still unknown, but most of Chipotle’s locations were hit.
Chipotle uses a popular Windows-based legacy POS system, one that is considered susceptible to hacking. Unfortunately, this might not be the last time we see this security breach. Windows-targeted malware is an ongoing threat; just two months ago (April 2017), dangerous malware was made available for download by a group called the Shadow Brokers.
Cyber Theft Malware Targets Windows Users
Shadow Brokers leaked software that the NSA also used. It’s called Eternal Blue, and officials believe it has already been picked up by crime families. Eternal Blue is a powerful malware that would allow anyone to wreak havoc on any computer. Microsoft has already devised new updates to protect Windows users from that potential catastrophe.
The malware, available for any hacker to download, targets Windows systems specifically—version 10 (excluding recent 2017 updated Windows 10 versions) and older. This provides just about anyone with the tools necessary to attack millions of computers.
“This is as big as it gets,” said cybersecurity expert Mathew Hickey. “Nation-state attack tools are now in the hands of anyone who cares to download them…it’s literally a cyberweapon for hacking into computers…people will be using these attacks for years to come.”
The Ransom Malware Attack
Another security breach took place two weeks ago: A malware called Ransom affected 57,000 computers worldwide. Convincing spam emails were sent out with attachments disguised as job offers, invoices, or other “legitimate” documents. Once opened, the malware infiltrated the computer, shutting it down. A message then appeared on the screen, demanding payment—between $300 and $600—for the user to regain access.
Restaurant Point of Sale and Cyber Safety
Not only are consumer dining choices influenced by new technology, but cloud-based point-of-sale systems are replacing stationary legacy systems. For the first time, restaurants and bars have convenient operating systems and secure methods for accepting credit and debit card payments.
Affordability and ease of use have made new mobile POS systems popular, but what makes them invaluable are their increased security levels. Encryption, tokenization, and EMV chip card technology in mPOS (mobile point of sale) allow restaurant owners to rest easy. On legacy systems, on the other hand, local credit card storing poses a real security risk. Point-of-sale malware has been one of the biggest sources of stolen credit and debit card information since 2005. Cybercriminals have become savvier over the years, to the point where POS malware kits have been built for sale.
To combat the growing threat of cybercrime, credit card security technologies also advanced—for instance, by implementing chip technology. Yet there are still gaps in the security of many POS systems, putting retailers, restaurants, and bars at risk of a data breach if using Windows operation systems.
Apple-Based POS Systems Prove to Be the Safest Option
To date, no Apple-based POS system has been hacked. To maintain its unsurpassed security measures, Apple has strict requirements. To read about Sandbox and Apple’s three-part security certification for any application, visit this link.
Apple’s iOS is renowned for having an iron-clad security system that prevents hacking and malware invasions. As computer-security specialist Brian Krebs noted in the Washington Post, “An investigative series I’ve been writing about organized cyber crime gangs stealing millions of dollars from small to mid-sized businesses has generated more than a few responses from business owners who were concerned about how best to protect themselves from this type of fraud. The simplest, most cost-effective answer I know of? Don’t use Microsoft Windows when accessing your bank account online.”
An iPad-based point-of-sale system is not just easy to use at your restaurant, but it’s also an incomparable way to protect your business from cyber theft.