Retailers are an attractive target for hackers and cyber-criminals due to the wealth of valuable data they hold, such as credit card info and personally identifiable information (PII). Retailers become particularly at risk to web attacks in US due to this abundance.
All retailers must take proactive steps to safeguard against these threats by having an SSL certificate for their websites, which encrypts data stored there.
Target
Target, as a major retailer in the US, is particularly vulnerable to web attacks that may steal information about customers, employees and suppliers. These vulnerabilities have the potential for serious repercussions such as exposing sensitive data, disrupting services and damaging brand reputation.
Target utilizes cyber threat intelligence and specialized systems to prioritize those threats that pose the greatest danger to their company. This includes information gleaned from Mandiant and other sources which is then forwarded onto threat analysts who then share it with various stakeholders across the organization.
These stakeholders include the red team, computer security incident response, enterprise incident management, insider threat protection detection and visibility, as well as active vulnerability management. Each of these teams has its own preferred workflow for gathering information.
For instance, the red team requires host-based indicators to detect suspicious activities. Likewise, the computer security incident response team utilizes network or host-based indicators for monitoring suspicious activity, while Mandiant’s detection and visibility team utilizes behavioral intelligence gleaned from Mandiant and other sources to detect potentially malicious traffic.
Target employs a number of practices in addition to these workflows that help it identify and mitigate threats. These include vulnerability assessments and remediations, the use of malware analysis tools, as well as an automated malware-detection system that quickly detects infections, according to Matt Brady, director of cyber threat intelligence at Target.
One of the most important points to remember is that not all attackers are created equal. Some possess high-level skill and aptitude, while others lack any experience at all.
Experts contend that differences in capabilities can be the difference between winning a cyberattack and losing it. The initial step of any web attack is reconnaissance, during which an attacker gathers as much information about a target as possible. This information could come from simple Google searches, vendor or supplier portals, social media sites like Facebook or Twitter – whatever works best for them!
Once an attacker gains access to a retailer’s network, they can remain undetected and upload malware programs onto Point of Sale (POS) systems used for selling products to consumers – something which happened with the Target breach which exposed 40 million credit and debit cards as well as 70 million records of personal information.
Neiman Marcus
In 2013, Neiman Marcus experienced a cyber attack that exposed the credit card data of thousands of customers. To settle with 43 states, the retailer agreed to hire a cybersecurity professional and conduct an assessment of security risks.
Although this breach is relatively minor compared to Verizon’s 165 confirmed breaches in 2014, it still poses a huge problem for retail. With reports that major retailers such as Target, Sony and Home Depot could be vulnerable to web attacks, it’s clear that consumers must remain wary when shopping online.
On Friday, security blogger Brian Krebs revealed that Neiman Marcus had suffered a credit-card data breach in December 2015 that affected 5,200 accounts and at least 70 of which were used for fraudulent purchases (see: Neiman Marcus Reveals Breach Details).
However, the number of affected cards has since been revised down to around 370,000 following an investigation by the retailer that determined malware wasn’t installed in all stores.
Neiman Marcus has agreed to perform a cybersecurity risk assessment with an outside consulting service and adhere to Payment Card Industry Data Security Standards (PCI DSS). Furthermore, it must implement new information security measures such as encryption and tokenization technologies.
The company is working with law enforcement and security firm Mandiant to investigate how the breach occurred. Furthermore, they advise consumers to change their passwords and check their accounts for any suspicious activity.
Furthermore, the company is providing free identity theft protection to all affected customers for one year. Customers can apply for this service at both its website and call center.
It should also be noted that none of Neiman Marcus’ first-party credit and debit cards were stolen in the attack. Furthermore, the high-end retailer went out of its way to emphasize that this incident only affected its stores, not its websites.
Neiman Marcus has a long history of being targeted by hackers, but this latest incident serves as a stark reminder that the luxury retailer needs to improve its security procedures. This is especially pertinent considering that the company was breached in 2013 and 2015, leading to multiple customer financial data breaches.
Sony
Sony, one of the world’s largest and most successful electronics companies, was founded in 1946 by two Japanese men who believed they could create new products to meet people’s needs. Akio Morita – a former naval lieutenant – met Masaru Ibuka – a defense contractor who had developed heat-seeking missile guidance system and night vision gun scope.
At the time of its founding, Sony was a small business with just $500 in borrowed capital. But its founders had an uncanny ability to anticipate technological advancements and consumer preferences, creating a brand synonymous with music, movies, electronics – and much more.
Morita and Ibuka collaborated with other engineers to develop an extensive line of products. Their initial success lay in developing audio CDs and computer workstations, but eventually their company became known for its 8mm video cameras.
Sony achieved global dominance through talent and technological innovation, but faced a major threat: illegal downloading of digital music files. Eventually, the company joined other music labels in filing suit against Napster.
The lawsuit sought to prevent people from sharing their music without permission, thus damaging the industry’s profits. Despite this setback, Sony’s music business continued to expand.
In the early 2000s, Sony underwent a dramatic change when Nobuyuki Idei replaced Masaru Shigeobu as chairman and CEO. Idei had served 34 years at Sony, playing an integral role in their growth trajectory.
Idei carried forward much of their company’s legacy and faced unique challenges during an era of globalization and the proliferation of high-tech devices. Nevertheless, they were able to rise to these challenges by taking necessary measures for improved security.
In August 2017, hackers took over PlayStation social media accounts and claimed they had amassed a database of user data. Though they denied working for North Korea, its actions were seen as revenge for the release of The Interview, a movie depicting an event from their country’s fictional history. Fearing exposure of this information, the hackers threatened journalists with it until journalists gained access to it.
Home Depot
Home Depot, one of the nation’s largest retailers, recently suffered a significant web attack. Its payment systems were compromised and hackers managed to obtain credit card details from many of their customers.
The attackers gained access to the retailer’s network by stealing credentials from a third-party vendor. Once inside, they were able to hack into the company’s network without detection for five months. While the breach has since been discovered, many remain puzzled as to why it took so long for someone to notice it.
Hackers were able to obtain email addresses of shoppers with active accounts from a retailer’s system. This poses an extremely serious problem, as it gives hackers direct access to victims’ inboxes with the purpose of sending deceptive emails in an effort to gain access to their personal data.
Home Depot and its shareholders could sustain substantial financial damage as a result of this breach, since they would be held liable for any fines or lawsuits banks may choose to file against them as a result.
Additionally, Home Depot’s business is at risk due to potential malicious attacks using stolen emails from shoppers. As such, Home Depot must take proactive measures in order to shield their users from such attacks in the future.
The company has already declared that it has eliminated all malware from its networks and will be implementing enhanced encryption of payment data at each of its stores. Furthermore, the company has expedited chip-and-PIN implementations, with plans to have these installed across all U.S. stores by the end of 2014.
However, even with the new security measures taken by the retailer, they will not be enough to protect customers from breaches. To address their underlying weaknesses as well, the retailer needs to implement a firewall on its network and secure all employee credentials. It should also implement an effective password policy and change all passwords on its system regularly. Moreover, anti-virus and anti-malware software should be installed on all computers and mobile devices along with an effective monitoring strategy for all servers.
