US payments giant NCR has been hit by a ransomware attack targeting one of its data centers in Aloha, Hawaii.
The company disclosed the breach Saturday, days after it began investigating “problems” related to Aloha restaurants’ point-of-sale (PoS) products.
“On April 13th, we confirmed that the outage was the result of a ransomware incident,” the notice reads. “As soon as we discovered this development, we began contacting our customers and working with third-party cybersecurity experts to launch an investigation. Law enforcement agencies have also been notified.”
The company also claimed that restaurants affected by the breach could continue to serve customers with only “certain functions” impaired and “no payment applications or on-premises systems impacted.”
Still, according to Simon Chassar, CRO at Claroty, research from security firms shows that ransomware on PoS platforms can wreak havoc on companies in the hospitality industry.
For more information on hospitality attacks, see Travel and Hospitality Scams on the Rise: How It Works.
“Our research found that 51% of the food and beverage sector reported substantial disruption when hit by a ransomware attack in 2021,” the executive commented on the news. “Furthermore, these attacks can result in significant financial losses to the organization, with more than one in three saying that the revenue impact of disrupted operations would be at least $1 million per hour.” has said.”
More generally, as the hospitality industry adopts more cyber-physical systems, organizations are increasingly exposed to new cyber threats and vulnerabilities that can lead to costly operational downtime, Chassar said. said.
“Enterprises need visibility across all connected assets across the network to understand the risk landscape and patch critical assets such as operational technology (OT) and IoT devices,” said Chassar. added. “It is also imperative to segment the network to limit unnecessary connections and malware movement to mitigate the impact of cyberattacks.”
Read this analysis by Terry Olaes, Senior Technical Director, Skybox Security, for more information on how to respond to the rapidly growing threat landscape and mitigate cyber risk.
