Malicious internal threats, negligent employees; Misconfigured or vulnerable software on networks, endpoints, and point-of-sale (POS) devices has expanded the corporate attack surface in the retail industry over the years. Cybersecurity plays a vital role in protecting customers’ personal and financial data by keeping ransomware away and protecting the brand’s reputation. It also offers the opportunity to build closer customer relationships and contribute to the growth of the company. In its new report, ESET clearly mentions the great impact of the pandemic on the industry.
What is at stake?
COVID-19 is helping retail organizations evolve from back offices to point-of-sale (POS) devices. It also exposes them to new cyber risks. Due to collective remote working, tools like Microsoft Exchange and Kaseya have become more popular for communication and IT management. They have been massively abused for data theft and fraud. Retailers; IT infrastructures are vulnerable at multiple points, including customer databases, POS devices, marketing automation, search engine optimization tools, and payment processing platforms and services. From phishing theft to ransomware, man-in-the-middle attacks to SIM swapping and fake mobile apps, we come across everything. The tactics, techniques and procedures (TTPs) commonly used in COVID-related attacks are found in all attacks targeting retail customers and companies.
From POS to e-commerce
POS has traditionally been the number one target of data-seeking attackers. Leaks to tens of millions of high-profile accounts at Target and Home Depot stores a few years ago can be given as the most important example of this. This still poses a threat today, as we understand from the discovery of ModPipe POS malware and the impact of Kaseya supply chain attacks on some retailers’ POS systems. On the other hand, the widespread use of EMV cards that cannot be easily cloned using stolen POS data and new systems like Apple Pay are also causing more online malicious activity. With the continuation of the COVID-19 pandemic, the general orientation towards online retail has gained momentum and the online retail sales rate has increased from 16% to 19% of the overall total in 2020.
Brief about some recent e-commerce threats
- Magecart-style digital card information copying malware has become a major risk for online retailers. A gang has infiltrated more than 2,800 digital stores in just a few days. Another card hacking attack cost British Airways a £20m fine.
- A more sophisticated card-stealing malware was also found to be hidden in CSS files, social media sharing icons, and site icon metadata to bypass security tools.
- Discovered by ESET researchers, the IIStealer malware is a highly sophisticated method of stealing customer credit cards. It infiltrates web servers and waits for users to pay for products. After the user unwittingly saves the relevant credit card information, it hides the data in legitimate website traffic and transmits it to the attackers. Even HTTPS lock cannot protect users, as IIStealer waits for a request from the server to crack the password before leaking information.
- In 2020, an e-commerce plugin malware that breached a vulnerability in the WordPress plugin WooCommerce gained access to the website’s database.
Protection of e-commerce servers
These risks for retailers have increased with the introduction of industry data security standard PCI DSS, as well as regulations such as GDPR and California CCPA. Failure to comply with these regulations can result in large penalties and reputational damage, resulting in loss of customers. This is a serious risk in an industry where customer loyalty is hard to gain but easily lost. There is no magic wand to overcome these difficulties. The best solution is for the cybersecurity application to have multiple layers from the end user to the endpoint. In addition, retail IT security teams can help eliminate some of these risks by improving security on backend e-commerce servers.
- Use purpose-built accounts with strong and unique passwords for administrators
- Enable multi-factor authentication (MFA) on all administrative and privileged accounts for added protection
- Update your operating system and applications regularly, and be mindful of which services are open to the Internet to reduce the risk of server breaches
- Protect the customer data you store with encryption to make it useless for thieves
- Reputable on your server consider using a security solution as well as a firewall for Internet applications
- Use robust, multi-layered endpoint defenses to prevent, detect and respond to threats
Retail IT environments, from backend logistics and from CRM to frontend e-commerce store and POS devices in physical stores It covers everything up to There are quite a few malicious people targeting this environment. As online companies continue to grow and transform digitally, their competitive advantage depends on developing good risk-based cybersecurity strategies.
43534
