The UK’s National Cyber Security Centre (NCSC) has issued a warning noting that a total of 4,151 retailers had been compromised by hackers exploiting vulnerabilities on checkout pages to divert payments and steal card details. The retailers impacted have been informed about the vulnerabilities to which their customers have been falling victim over the past 18 months.
According to the warning, the majority of victims were impacted by hackers exploiting known vulnerabilities in the e-commerce platform Magento. When exploited, these vulnerabilities allow the attacker to steal credit card information entered by the customer and, potentially, to redirect payments to attacker-controlled bank accounts.
This is by no means the first time these tactics have been used. In 2019, a massive spike in Magecart attacks was seen that impacted a large number of small to medium enterprises. Again, the majority of retailers impacted in the last 18 months have been small to medium enterprises.
With many shoppers preparing to snag Black Friday and Cyber Monday deals over the fast-approaching weekend, the warning issued by the NCSC is particularly timely. NCSC Deputy Director for Economy and Society Sarah Lyons noted,
“We want small and medium-sized online retailers to know how to prevent their sites being exploited by opportunistic cybercriminals over the peak shopping period...Falling victim to cyber crime could leave you and your customers out of pocket and cause reputational damage...It’s important to keep websites as secure as possible and I would urge all business owners to follow our guidance and make sure their software is up to date.”
Retailers who use Magento, or any other e-commerce platform targeted by Magecart-style skimming, can help prevent hackers from exploiting vulnerabilities by ensuring their shopping cart packages are updated to the latest versions. This will help prevent hackers from taking advantage of a software flaw that enables them to turn your customers into victims. The Chancellor of the Duchy of Lancaster Steve Barclay warns,
“On Black Friday and Cyber Monday the hackers will be out to steal shoppers' cash and damage the reputations of businesses by making their websites into cyber traps...It's critical, with more and more trade moving online, to protect your business and your customers by following the guidance provided by the National Cyber Security Centre and British Retail Consortium.”
Retailers can also take several other measures to help protect customers and their businesses, including following best practices to keep data safe and embracing new technologies that make it harder to skim card details, whether from online checkout pages or from in-store POS machines.
Technologies that are readily available to this effect include systems that require multi-factor authentication to verify the purchase. Smart cards, virtual cards, and mobile payment apps can also be integrated to give customers peace of mind.
As for shoppers, there are also several easily adopted measures that will improve your own security posture. Just as retailers can enable the option for multi-factor authentication, many banks now allow you to do the same, either by sending a one-time PIN to your mobile number or by prompting you to verify the purchase in a banking app.
A recent article published on Dark Reading also advises the following pertaining to the rise of QR codes,
“The use of QR codes has also risen during the pandemic, especially among smaller retailers and hospitality venues, as an easy way to place orders and make payments. However, consumers should beware, as QR codes can also direct them to malicious URLs that withdraw funds, capture location details, or link to their social media profiles — all without their knowledge — to steal personal credentials and payment information.”
It is important to consider that online security is a shared responsibility. Consumers have a responsibility to stay cautious about who they share their data with and how they conduct themselves online, including how they search and pay for those much-prized Black Friday deals.
Equally, retailers have a major responsibility not only to protect their own data and brand, but also the data of the shoppers who rely on and trust these brands. And it is not just cybercriminals looking to commit fraud and data theft that need to be watched out for.
As the United States approaches the Thanksgiving weekend, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued a warning stating that threat actors, and especially ransomware operators, do not take the holiday off.
The period often involves Americans travelling to see family via highways and airports, and thus relies heavily on the nation’s critical infrastructure. Threat actors understand that many organizations will be poorly staffed during this period, increasing the chances of a successful ransomware attack.
This is not without precedent as the FBI notes that significant attacks were witnessed over Mother’s Day and Independence Day in the US, showing that attacking during festive moments is not out of the ordinary.
To this end, the FBI provides the following mitigation strategies to prevent falling victim over the holidays:
- Identify IT and security employees who would be available to surge during weekends and holidays in the event of an incident or ransomware attack.
- Implement multi-factor authentication for remote access and administrative accounts.
- Mandate strong passwords and ensure they are not reused across multiple accounts.
- If you use remote desktop protocol (RDP) or any other potentially risky service, ensure it is secure and monitored.
- Remind employees not to click on suspicious links, and conduct exercises to raise awareness.