Ten, or even five years ago, retailers may not have worried about cyberthreats or IT security, but now they are one of most obvious targets for hackers. All of that, mainly due to a wave of digital transformation that has swept through e-commerce and brick-and-mortar merchants alike.
In 2016, for instance, we witnessed several breaches of high-profile retailers, the most prominent of which included designer chain Eddie Bauer and fast-food mogul Wendy’s. And while the first few weeks of 2017 have been fairly quiet in terms of retail data breaches, there’s a pretty strong chance that at least one merchant is suffering a cyberattack at this very moment.
Keep these three types of cyberthreats on your radar.
1. POS Malware
Breaching the point of sale is still the most direct route to profit for hackers – despite the widespread introduction of EMV payment card technology to combat fraud. In fact, both the Eddie Bauer and Wendy’s breaches were executed through the POS. The designer retailer experienced an intrusion of the computers supporting its POS software by a form of memory-scraping malware that silently siphons payment card data to remote hackers. Approximately 350 stores were affected. Likewise, more than 1,000 Wendy’s franchises across the country were affected by payment-card stealing malware.
The moral of the story? Frequently sanitize computers running POS solutions, and for that matter, any self-service checkout kiosk that could be retrofitted with card-stealing skimmers. Memory-scraping malware typically collects customer data for months before being spotted, at which point, the damage is already done.
2. SQL Injections
With more commerce moving online, hackers have healthy incentive to go after web-based retailers. There are a variety of ways they can do this, but few are as simple or as effective as the good old-fashioned SQL injection (which played a role in the infamous Target breach from a few years ago). They work like this: A hacker types malicious code into a website’s entry field that is included within a SQL query, which then makes it possible to catalyze certain actions on the backend. From here, they may be able to access payment data and/or personally identifiable information within the website databases.
The best way to prevent a SQL injection is to employ best practices when formatting site code on the backend. Logging and analyzing network metadata can also help identify malicious interactions with website servers.
3. Insider Negligence
Sometimes, retailers are their own worst enemy. According to Retail Dive, “Cyber breaches at retailers are likely to continue to be a problem, considering how long it takes them to discover threats and the disconnect between reality and their IT professionals’ confidence.”
That latter idea of IT “confidence” can easily result in a lack of proper cybersecurity deployments and inadequate endpoint management. It’s a simple case of hubris, in which well-informed insiders have neglected to properly secure retail systems. Inadvertently, retailers essentially end up jeopardizing themselves.
To address this problem, retailers need to take cybersecurity and endpoint management more seriously. A good way to start doing that is to seek out best-of-breed anti-virus tools that supply active protection, and more importantly, to deploy a computer management solution that enables quick sanitation of critical IT systems. This will prevent POS malware, keyloggers and other malicious software from surviving long enough to siphon sensitive information.
For more information, contact Faronics today.