How Anomaly Detection Could Have Prevented P.F. Chang's Data Breach

Last week the Wall Street Journal confirmed a credit card breach at P.F. Chang’s:

“The scope of the incident is still unknown, but cybersecurity blogger Brian Krebs earlier this week reported that data from thousands of stolen cards had been used at P.F. Chang’s locations between the beginning of March and May 19. Hackers can get into cash registers at retail locations and plant software that records data from the magnetic stripe of the backs of credit cards. Data from those magnetic stripes can then be re-encoded onto new plastic and used by thieves to buy goods.”

As with the breaches at Target and Michael’s stores, this is another compromise of point-of-sale (POS) credit card readers.

What can organizations do to protect their POS systems from hackers? They can use anomaly detection to understand what is “normal” behavior in their system – called a baseline – and be alerted to anomalies which they can investigate.

Remember that Target’s security tools found dangerous malware but it took two weeks for staff to take action to stop the theft of the credit card information. Why did it take so long for them to act? Because the plethora of security and monitoring tools in today’s data center creates a tremendous amount of alert “noise,” making it difficult to understand what is important – like a security breach – versus what is a routine alert.

AccelOps anomaly detection builds a baseline of traffic and communication patterns for all of your devices and detects anomalies against it. Once an anomaly is detected, you can isolate the devices in question and forensically analyze whether malware is present and what it is doing.
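A minimal sketch of the baseline-then-alert approach described above, as an added example; it is not AccelOps's engine or code from this post. The device names, addresses, flow tuples, and thresholds are constructed assumptions.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed flow records: (device, destination, bytes sent in one interval).
BASELINE_FLOWS = [
    ("pos-01", "10.0.5.10", 1200), ("pos-01", "10.0.5.10", 1180),
    ("pos-01", "10.0.5.10", 1250), ("pos-01", "10.0.5.10", 1220),
    ("pos-01", "10.0.5.10", 1190),
    ("pos-02", "10.0.5.10", 1300), ("pos-02", "10.0.5.10", 1280),
    ("pos-02", "10.0.5.10", 1310), ("pos-02", "10.0.5.10", 1290),
    ("pos-02", "10.0.5.10", 1320),
]
OBSERVED_FLOWS = [
    ("pos-01", "10.0.5.10", 1210),      # matches baseline
    ("pos-02", "10.0.5.10", 1230),      # matches baseline
    ("pos-02", "203.0.113.45", 48000),  # never-seen peer, large upload
    ("pos-09", "10.0.5.10", 1200),      # device with no baseline at all
]

def build_baseline(flows):
    """Learn each device's known destinations and outbound volume statistics."""
    dests, volumes = defaultdict(set), defaultdict(list)
    for device, dest, nbytes in flows:
        dests[device].add(dest)
        volumes[device].append(nbytes)
    return {d: {"dests": dests[d], "mean": mean(volumes[d]),
                "std": pstdev(volumes[d])} for d in dests}

def find_anomalies(baseline, flows, z_threshold=3.0, min_std=1.0):
    """Return (device, destination, reason) for each deviation from baseline."""
    alerts = []
    for device, dest, nbytes in flows:
        profile = baseline.get(device)
        if profile is None:
            alerts.append((device, dest, "unknown-device"))
            continue
        if dest not in profile["dests"]:
            alerts.append((device, dest, "new-destination"))
        # Floor the deviation so a perfectly flat baseline cannot divide by zero.
        z = (nbytes - profile["mean"]) / max(profile["std"], min_std)
        if z > z_threshold:  # only unusually high outbound volume is flagged
            alerts.append((device, dest, "volume-spike"))
    return alerts

if __name__ == "__main__":
    for alert in find_anomalies(build_baseline(BASELINE_FLOWS), OBSERVED_FLOWS):
        print(alert)
```

Only three of the four observed flows raise alerts, which is the noise reduction the baseline is meant to provide: routine traffic to the known payment gateway stays silent.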

It only takes one system with malware to allow a hacker full access to your environment. You need to be able to cut through the noise of everyday traffic patterns to find the needle in the haystack and stop the malware before you have a security breach.

Want to talk about how AccelOps can help you monitor your network? Contact us; we’re here to help.

Authors

Marta Stone

About AccelOps

AccelOps provides the leading IT operations analytics platform for the modern data center. The virtual appliance software monitors security, performance and compliance in cloud and virtualized infrastructures – all from a single screen.

 

AccelOps automatically discovers, analyzes and automates IT issues in machine and big data across organizations’ data centers and cloud resources, spanning servers, storage, networks, security, applications and users. AccelOps’ patented analytics engine with cross-correlation and statistical anomaly detection sends real-time alerts when deviations occur that indicate a security or performance-impacting event.

 

The AccelOps platform scales seamlessly and provides unmatched delivery of proactive security and operational intelligence, allowing organizations to be more responsive and competitive as they expand their IT capabilities. 
