WEBVTT 00:00:00.224 --> 00:00:03.176 Let's talk about remote access because this strikes me as the 00:00:03.176 --> 00:00:06.607 biggest thing in point of sale where you're buying your 00:00:06.607 --> 00:00:11.234 point-of-sale software from an ISO? 00:00:11.234 --> 00:00:11.886 What is an ISO? 00:00:11.886 --> 00:00:13.027 We don't have them in the EU. 00:00:13.027 --> 00:00:14.154 What do ISOs stand for? 00:00:14.154 --> 00:00:17.732 They're basically vendors or service providers that run the 00:00:17.732 --> 00:00:22.441 point-of-sale software or the hardware. 00:00:22.441 --> 00:00:23.394 So if I'm a merchant. 00:00:23.395 --> 00:00:24.264 I run a store. 00:00:24.264 --> 00:00:28.292 I go to an ISO, and they provide me with the point-of-sale software and the chip, 00:00:28.292 --> 00:00:29.757 the card readers, and everything, yeah? 00:00:29.757 --> 00:00:30.088 Right. 00:00:30.088 --> 00:00:34.542 It can be a complex setup to accept all the cards and everything else, 00:00:34.543 --> 00:00:37.051 and many merchants, they know their business. 00:00:37.052 --> 00:00:39.838 They don't know about processing cards, 00:00:39.838 --> 00:00:42.193 and so they'll hire a third party to come in and 00:00:42.193 --> 00:00:43.441 handle that aspect of the business. 00:00:43.442 --> 00:00:46.389 And it's this third party that then has remote access 00:00:46.389 --> 00:00:50.417 into every single POS system of that merchant and all 00:00:50.417 --> 00:00:52.174 their merchants because --- yeah? 00:00:52.174 --> 00:00:52.564 Yeah. 00:00:52.564 --> 00:00:55.665 Their job is to get those machines installed, 00:00:55.665 --> 00:01:00.157 and they'll have various levels of service contracts of how involved they're 00:01:00.157 --> 00:01:03.322 going to be with the merchant and maintaining security, 00:01:03.322 --> 00:01:07.625 but oftentimes, they do have remote access into the merchant, 00:01:07.625 --> 00:01:11.507 as well as the merchant will often have remote access themselves to 00:01:11.507 --> 00:01:15.363 get in and run their business from the outside. 00:01:15.364 --> 00:01:19.205 And that, what sort of software's, if I'm looking, 00:01:19.205 --> 00:01:22.523 if somebody says to me, remote access, I'm a bit confused. 00:01:22.523 --> 00:01:25.985 What names of packages would merchants recognize there? 00:01:25.985 --> 00:01:29.494 Something as simple as the default Microsoft Remote Desktop. 00:01:29.494 --> 00:01:33.668 We see breaches through that, but that's common. 00:01:33.669 --> 00:01:39.662 All kinds of the web services, like LogMein, --- Right. 00:01:39.662 --> 00:01:42.394 That's the one I was trying to think of, LogMein. 00:01:42.394 --> 00:01:45.694 --- we see access through those, TeamViewer. 00:01:45.694 --> 00:01:47.580 Those are some of the ones that are really, 00:01:47.581 --> 00:01:48.773 really easy to set up, 00:01:48.773 --> 00:01:52.208 and they can be safe if they're set up and configured correctly. 00:01:52.209 --> 00:01:56.804 But attackers do love to hit those. 00:01:56.804 --> 00:01:57.604 And I guess, 00:01:57.604 --> 00:02:00.472 what they're trying to do is trying to get credentials so they're 00:02:00.472 --> 00:02:03.638 using social engineering to get the credentials or are we still at 00:02:03.638 --> 00:02:06.707 the days where the password is letmein? 00:02:06.707 --> 00:02:08.323 Both, I'm afraid. 00:02:08.323 --> 00:02:09.318 Really? 00:02:09.318 --> 00:02:10.025 Yeah. 00:02:10.025 --> 00:02:13.563 We still see it all. 00:02:13.564 --> 00:02:20.362 We see weak passwords where access to an entire network of 00:02:20.362 --> 00:02:24.962 POS terminals is protected with password, 00:02:24.962 --> 00:02:30.173 123, and an attacker can get through that without breaking stride. 00:02:30.174 --> 00:02:32.174 And so...