Posted Date: 12/21/2010
Retailers Come Under Cyber Attack
By George L. Koroneos, Editor
Massive cyber attacks, last week, prompted organizations as large as McDonalds, Walgreens and Gawker Media to warn users that their personal information might have been compromised.
In the case of the media firm Gawker, dozens of emails and associated passwords (used for leaving comments on the site) were hacked and posted publicly. Sites such as Amazon, Facebook and LinkedIn froze accounts associated with those e-mail addresses in an attempt to stop criminals from accessing the sites and modifying personal data.
McDonalds admitted that a third-party data management company called Silverpop was hacked and customer e-mail addresses and other information was stolen. Silverpop’s CEO said that the attack was “particularly sophisticated” and the company is working with peers and customers to share what it knows.
Although last week’s attacks mostly affected larger corporations, the breeches made it clear that anyone is susceptible, even with security in place. Experts agree that solution providers that offer security as a service should educate clients about possible cyber attacks and work with customers to better secure their systems.
“It’s up to the solution provider to have the conversation with the client and explain to them the types of attacks that are happening and, more importantly, the amount of damage that can be done,” said Martin Lee, senior software engineer at
Symantec Hosted Services. “It’s not limited to losing a few thousand customer e-mail addresses, the damage is going to be in terms of negative press, damage against reputation and a loss of market capitalization.”
Hack Heard Around the Web
There are two main ways criminals are accessing the data—hacking attempts and sending malicious software through e-mail.
“In all of the attacks that we are seeing, the goal of the attacker is to make money,” Lee said. “The most valuable data is credit card and financial data—these are the holy grails of the cyber criminals.”
In last week’s incidents, e-mail addresses and passwords appeared to have been the primary targets. “If bad guys can go out and find real e-mail addresses that are valid and are used by real people in online retail transactions then they know that if they steal [the addresses] they have a good chance of knowing” who the owners of the addresses will be expecting e-mails from.
Cyber criminals can then send fake e-mails from the trusted source with malicious software attached. The customer is more apt to open the e-mail if it’s from a retailer that they’ve done business with.
“We see about half a million malware over e-mail attacks per day against our customer base,” Lee said. “This is just a scattergun approach of sending out hundreds of thousand malicious e-mails a day to try to infect as many computers as possible.”
A Secure Approach
Lee recommends that solution as a service providers looking to protect their customers from these attacks take a layered approach to security.
- Install systems that block e-mail attacks before they enter the local network
- Have a layer of protection at the network gateway area
- Regularly update anti-viruses at the desktop level
- Don’t rely on signature-based malware detection
- Build a system around employees that have access to the information and block everyone else
- Audit who has access to the systems and how they access the system
“It’s becoming more and more usual to outsource handling data, so you have to know what information your partners are holding on your behalf and minimize that amount of information,” Lee said. “Do they really need to have all the information, or can they just store e-mail data? In the world of retail it’s not just enough to look after the customer experience, you also have to look after that valuable personal data after the customer has left the shop.”