In an increasingly digital age, cyberattacks are becoming a common and devastating threat to the restaurant industry. As most owners depend on computer programming for daily operations, restaurants are continually at risk of data breaches.
“A cyberattack is scary and can mean the end of any restaurant or foodservice operation,” says Ray Gagne, SVP at Toronto-based Cyberisk Chek Inc. “It’s important to understand cyberattacks are not just a big-company problem.”
“Gagne estimates a total of 60 per cent of small or medium companies will go out of business within six months of a cyberattack and 70 per cent of cyberattackers deliberately target small businesses because they have less security.
Determining how to combat breaches can be a headache in and of itself. As daunting a task as it seems, Gagne says the best way restaurants can protect themselves against a cyberattack is by being aware of what security threats look like and having an immediate response plan.
“We need to ask ourselves these key questions: how do I know if a cyber breach has occurred; if a breach occurs, how do I reduce the impact of the attack; and how do I recover post attack?”
RECOGNIZING A SECURITY BREACH
Restaurant owners need to be able to recognize when a security breach has occurred because of how many credit and debit transactions they process every day.
Gagne says some key indicators to look for are slow connections — a slow computer network is one of the most common signs that your system has been infiltrated by outside hackers; unexpected pop-ups, which are a likely indicator that a remotely based cybercriminal has accessed your network and is clicking internet links to open other sites; mysterious computer behaviour, which can include a variety of indicators such as passwords that suddenly stop working, settings changing without a user’s input, automatic mouse movements, changed file contents and external devices being powered on (such as a camera or microphone) without user consent. Also look for standard hacker malware, such as additional browser toolbars appearing without being purposefully installed, programs and apps crashing and data usage being higher than normal.
MINIMIZING THE DAMAGE
When a breach is discovered, Gagne says operators need to first confirm that a breach has actually occurred, then assess the damage by surmising which data has been compromised. The type of data targeted in the foodservice industry usually includes credit-card numbers, product-and-service information and any other sensitive information there might be about business operations.
Once an attack has been confirmed, Gagne recommends operators change passwords, security questions/answers and online log-in information to prevent hackers from accessing other accounts until they can seek professional help.
Cyber-support technicians are the best option for professional help, he adds, as they specialize in external threats to businesses’ internal computer systems.
Until the system has been assessed, monitor accounts and stay alert, says Gagne
PREVENTING FUTURE ATTACKS
Once an attack is under control, the best way to bulk up your defence so it won’t
happen again is to not only update IT systems and incorporate external monitoring, but educate staff on the overall risks these breaches pose to the company and how to avoid them.
“Most security breaches are due to human error and can be avoided,” says Gagne.
“It’s integral to provide digital-literacy training, cyber-awareness training and
Written by Shelby O’Conner