Recent breaches such as the one at Verifone demonstrate to the entire industry the importance of addressing the gap of time between when an incident occurs and when it's discovered.

Only little information is available about the incident, but despite of Verifone clearing siren for the payment system remaining intact, there are many ways an infection can propagate from the enterprise network to the payment system.

Whether or not a payments system can be compromised depends on many factors, one of the most important ones is how much time had passed from the breach to its discovery.

Verifone signage
IMAGE: Bloomberg News

From what we know, breaches remain undiscovered for weeks, months and sometimes even years, when during this period attackers can collect sensitive data and record users credentials without interference, and then a single user that uses the same or similar password to access both the enterprise network and the payment system, can be the bridge for the attacker to travel between the systems.

With cyber criminals becoming more and more sophisticated and creative, they will continue finding their way in and we will continue hearing about breaches exposed.

The challenge for organizations today is, even when losing some battles, keep winning the war. Security officers should operate under the assumption that the attackers are already inside their systems, looking for ways to deepen their grasp and crawling searching for business-critical data.”

Itsik Mantin

Itsik Mantin

Itsik Mantin is a director of security research at Imperva.