While DDoS (distributed denial of service) attacks are constantly in the headlines these days, they only account for under 5% of the attacks on retailers.
This is only logical if you think about it. Hackers and criminals wouldn’t want the flow of traffic and transactions to stop. They are in this for the money and would not want to do anything to jeopardise its flow.
DDoS attacks are usually launched by opportunistic hackers that are usually out to make some sort of statement.
However, the real criminals like to lurk in the shadows and silently steal money and information when it suits them.
In late 2013, one of the largest data breaches in retail history was made known to the public when Target revealed its database had been hacked. The criminals, it was revealed, had extracted credit card information and personal data, such as names, addresses, phone numbers and email addresses.
Understandably, the market was at an uproar. Distrust was sewn into the fabric of relationships between the once trusted retailer and its customers. But how could this be? How did this happen? How could a major retailer have allowed such a gaping security hole to be exploited?
Over 50% of threats to retailers are external and utilise malicious code or sustained probing to do their dirty work.
The attack against Target used a combination of both types of attacks to steal the personal information and credit card details of over 40 million customers. That’s million with a capital “M”, and marked one of the largest breaches and capture of customer data in the history of commerce.
The culprits initially breached Target’s systems after stealing network login credentials from an HVAC subcontractor.
Malware planted at Target could then launch a scanning probe whose sole purpose was to lie in wait, watch for transactions and record data.
Once the stolen data reached a critical mass the malicious code was then activated to launch a massive data dump outside of the company’s network.
And, what happened to those 40 million records? The hackers turned around and sold them on the darknet market. Millions of these profiles are still unaccounted for to this day.
The bad news is that the intelligence of digital criminals and frequency of attacks are increasing.
With hundreds of millions of new users logging on for the first time with every passing year, the opportunity to capitalise on the naiveté and inexperience is growing markedly.
The good news is that there are ways (some very easy to implement, and some will take time) to protect you, your company and your customers from these types of attacks.
Control what websites employees can access and what content they can download. There is malicious software that can infect your system simply by navigating to a malicious webpage.
Beef up password control, think about encryption services and increase security access measures such as two factor authentication (2FA).
Having “1234567” or “password” as passwords is not acceptable, as are passwords written on those secure sticky notes!
These are all security no-no’s.
Make sure all your system configurations, operating system patches and anti-virus definitions are up to date. Attackers often exploit older versions or unpatched systems to launch their exploits and infect systems.
Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.