It speaks volumes for the state of network security when my reaction to the news of an apparent credit card breach in the Trump hotel chain was, “yeah, so?” Credit card breaches are so yesterday, right? Lately, data breaches are all about personally identifiable information and intellectual property, or so it seems.
The Trump Hotel credit card breach is a reminder that financial data is still a hot commodity and, despite steps to improve credit card security and rethinking the way the information is encrypted, this is still an easy gateway theft for cybercriminals. What makes this one a little different than, say, a Target or Home Depot credit card breach, is that it hit multiple locations and entities. Ken Westin, senior security analyst for Tripwire, explained in an email to me:
This is not an attack that targeted a single hotel or store. Instead, this was the result of a larger more sophisticated and orchestrated attack. When a larger group of organizations appear to be involved, it usually indicates that the breach took advantage of shared network resources or applications. Many organizations share backend systems and payment gateways to reduce costs and increase operational efficiency, and the data on these shared systems are a very high value target for attackers.
However, another recurring concern also raised its ugly head in this particular breach. According to eSecurity Planet, the breach dates back to February, and as Ross Brewer, vice president and managing director for international markets at LogRhythm, told me in an email conversation, this is a serious problem:
One of the main themes we see time and time again is hacks going unnoticed for months on end. In this case, it is being suggested that five months may have passed before anyone was made aware and that is a problem. Not only does it negatively impact customers, but it does no favors for the reputation of the businesses themselves either. The sophistication of hackers today means that trying to prevent a breach from happening has almost become pointless and instead, organizations need to focus on detecting and responding to suspicious activity as quickly as possible.
Brewer thinks it is time that businesses start taking a more holistic approach to security. It’s a suggestion that I’m hearing more often from security experts and evangelists. This means continuing a layered approach that has been done in the past, but with layers that will complement each other, rather than working as individual security checkpoints. It involves everyone being on board and working with each other – and that includes employees and decision makers.
Would a holistic approach have stopped the Trump breach? I have no idea. Would it have revealed the breach earlier? Quite possibly. What we learned, however, is that these security situations are repeating themselves, with just small individualistic quirks, and we aren’t getting any better at stopping them.
Sue Marquette Poremba has been writing about network security since 2008. In addition to her coverage of security issues for IT Business Edge, her security articles have been published at various sites such as Forbes, Midsize Insider and Tom's Guide. You can reach Sue via Twitter: @sueporemba