Consumers and Retailers Need to be on the Lookout for Cyber Ghosts
The holiday shopping season is well upon us. In the US, 2017 holiday online sales are at an all-time high with online transactions on Cyber Monday in the US reaching a record $6.59 billion. With online shopping quickly becoming the preferred choice of consumers over brick and mortar stores, consumers and retailers need to be on the lookout for Cyber Ghosts, that unlike Scrooge’s visitors, come for those with a generous spirit.
Cyber Ghosts of the Past
We all remember the infamous Target breach of 2016, whose impact still haunts those affected. Over 40 million credit and debit card details were stolen when attackers breached Target Point of Sales (PoS) systems. Ultimately it was discovered that the perpetrators used a phishing scam to successfully steal the credentials of Target’s HVAC contractor and then successfully used the stolen credentials to access Target’s POS systems that held their customer credits card numbers, PINs and other personal data – wreaking havoc on the company and its customers. Consumers and businesses need to be vigilant this time of year as hackers flood email accounts with messages meant to lure your credentials to access payments card details and personal data.
Cyber Ghosts of the Present
Phishing scams, malware, Trojans, ransomware; the list of present cyberthreats goes on and on. Determined attackers will stop at nothing to get at your systems and data. The December 2017 McAfee Labs Threats Report indicates that new malware is on the rise. In Q3 2017 malware reached an all-time high of 57.6 million new samples, which is an increase of 10% over Q2 of this year, and new ransomware increased a staggering 36% over the previous quarter.
Massive breaches also topped the cybersecurity charts in 2017. From hotel chains to restaurants and retailers, millions of consumers were impacted – with the September revelation of the massive Equifax breach topping the charts exposing the personally identifiable information (PII) of 145.5 million customers. The impact of which consumers will feel for Christmases to come.
Cyber Ghosts Yet to Come
One thing is clear, cyber attacks will continue to plague us into 2018 and beyond. And attackers are only getting more aggressive with leaked government cyberespionage tools sure to become weaponized by hackers in 2018, on top of new zero days.
How Can Companies Protect Themselves and Their Customers?
If you’re going to win the battle against cyber attacks then you need to make ‘I will be breached’ your new security mantra. By changing your security mindset and employing new techniques like threat hunting, you will be ready for new and stealthy attacks that increasingly are able to make it past your first line defenses.
The latest research indicates that controlling the dwell time of malware and APTs is the key to dramatically reducing business impact. By accepting you will be breached and putting proactive hunt solutions in place you will be able to detect and neutralize threats before they can cause damage
More from our blog
Despite the rich data provided by SIEMs, organizations find themselves drowning in false positives, making it difficult to focus on high-priority events. This problem of alert fatigue prevents cyber security teams from identifying and addressing real threats – impacting small teams with no SOC, large enterprise teams with a SOC, and MSSPs overseeing the security for many SOCs/customers.Read More »
In 2018, the U.S. Healthcare Industry Remained a Hot Target for Data Breaches. Last year alone, over 15 million patient records were affected with an average of one data breach occurring every 24 hours in the healthcare industry. It goes without saying that hackers and cyber attackers are finding ways around/through/past security defenses—exploiting vulnerabilities and…Read More »
A Brief History of Forensic State Analysis Prior to starting Infocyte, our co-founders, Chris Gerritz and Russ Morris, created the first enterprise-scoped threat hunting team for the entire U.S. Department of Defense. Their teams were responsible for hunting, detecting, and responding to highly sophisticated attacks across an 800,000-node network. With virtually unlimited resources and access…Read More »