Information security lessons from the marriott data breach

In December 2018, news about a massive data breach of networks used by Marriott International prompted United States Secretary of Commerce Wilbur Ross to comment on the matter. In response to a question presented by financial news network CNBC about the Marriott incident, which compromised the personal information of up to 500 million hotel guests around the world, Secretary Ross complained that many companies are failing to respond to the current cyber threat climate.

In December 2018, news about a massive data breach of networks used by Marriott International prompted United States Secretary of Commerce Wilbur Ross to comment on the matter. In response to a question presented by financial news network CNBC about the Marriott incident, which compromised the personal information of up to 500 million hotel guests around the world, Secretary Ross complained that many companies are failing to respond to the current cyber threat climate.

FAILURES OF BUSINESSES TO UPDATE SECURITY

The hotel industry has notoriously lagged behind the information security curve. From credit card skimming to hijacking public Wi-Fi services and from keystroke loggers to ransomware that locked guests out of their rooms, cybercrime groups have been increasingly targeting hotels in recent years. Along with the retail and financial industries, the hotel sector is one of the top three sectors most likely to be targeted by hackers.

In the specific case of the Marriott data breach, details about the attack suggest that a very sophisticated group was behind it. Through a series of exploits, hackers were able to install malware that should have been detected by Marriott’s IT security system; gigabytes of personal records were slowly copied over a few months so as to not arouse suspicion. Marriott executives later acknowledged that their cyber defenses did not provide adequate protection against the attack.

PROTECTING LOCAL BUSINESS NETWORKS

While the Marriott incident can be said to be inexcusable because of the high profile the company commands, similar situations affect most small businesses in the sense that they fail to adequately protect their office networks. At Sonic Systems, our technicians are often called to commercial establishments operating their networks with the same kind of router you typically install at home. In many cases, business owners complain that their networks are running slow; indeed, this is what usually happens when you try to run a business off a cheap router, but there are also security issues to consider.

High Desert business owners have a lot to learn from the Marriott data breach, but they should focus on the assertion by the hotel chain about not being prepared. Instead of hoping that a router you can buy at Walmart plus free antivirus software will protect the information of your company, customers and employees, you should consider a solution such as the SonicSecure Firewall Server, which real-time management of both inbound and outbound connections, user access control, intrusion detection, advanced reports, and load balancing.

Information security experts believe that more small businesses will be targeted by hackers in 2019. Now is the time to make sure your network is protected; contact Sonic Systems for more information.