Black Friday 2018 Might Be a Dark Day for Retailers
Retail security requires a new approach.
November 22, 2018
Aaron Branson
By Aaron Branson, VP of Netsurion
It’s expected that Americans will drop about $90 billion this Black Friday, and as we have seen in the past, where there is a profit — there are cybercriminals. Even though the busiest brick-n-mortar shopping day is just around the corner, retailers need to start thinking ahead about how to best protect against potential cyber threats next year in the first quarter, when things slow down again.
Cybercriminals apparently have no problem hacking into a POS system and siphoning off credit-card data for months undetected. But here’s the thing: The going rate for stolen credit-card data on the black market is in decline.
If a major retailer was unable to ring out a single consumer on Black Friday, what ransom would they be willing to pay? How many millions in revenue would they lose even if they recovered without paying the ransom?
Beyond the threat of ransom, Radware’s research found that a single cyberattack costs a retailer an average of $1.6 million, and that 77 percent of retail executives admitted their security strategies were influenced by the fact that their companies already had suffered a data breach.
It’s very apparent that retailers of all sizes need to be armed with better tools and increased cyber intelligence to ward off and detect to these kinds of attacks. And for those that may have some of these tools on their tool belts already, they should consider finding partners to work with to enhance their monitoring of these tools. It’s vitally important to have the ability to more closely watch the data that passes through a corporate network in order to have a better chance of preventing breaches from occurring in the first place, or at least minimizing the damage by stopping it sooner than later.
Gone are the days when a typical firewall could be set up once and run without constant monitoring, tweaking and ensuring the data coming from it was correlated with other systems. Some of these breaches may look like normal web traffic coming out of the firewall, and other attacks can even seem like legitimate DNS traffic, which might pass right by the typical unmanaged firewall. It takes a different approach to stop some of these advanced attacks, and many products and service providers simply don’t have the ability to stop them before they do real damage.
The latest string of breaches, however, confirms that retail security requires a new approach, beyond the minimums of maintaining PCI compliance and implementing a managed firewall. For a comprehensive tool belt to stop cybercriminals before they do real damage, retailers should consider implementing the following:
Segmented networks. Merchants still need to protect themselves against POS system infiltration attacks targeting cardholder data. A multilayer security strategy is necessary. Retailers must start by segmenting their POS networks, using next-gen firewalls to block data exfiltration and implement constant monitoring and endpoint threat detection. If nothing else, dwell time of such an attack would be reduced to hours or days. After all, many attacks have persisted for almost a year, just as we have seen in previous massive card breaches.
For example, make sure your POS data traffic is separate from …
… your Wi-Fi, security cameras, digital menu boards and other connections. If you want to enable managers to connect to the POS via Wi-Fi, connect them through a virtual LAN that separates authorized traffic into a security zone.
Two-factor password authentication. When permitting remote access to a network, it’s essential that this access is restricted and secure. At a minimum, access should only be granted to individual (not shared) user accounts using two-factor authentication and strong credentials. Remote-access activities should also be logged so that an audit trail is available.
Work with a professional managed security service provider (MSSP). Having a team of experts can help prevent the devastating impact of a breach by reducing the dwell time (the time between when an attacker compromises a network – minutes – and when the organization discovers the threat — typically months). This can be as inexpensive as $50 per month, per location.
SOC. As we saw with Home Depot, which paid $19.5 million to U.S. customers affected by the 2014 data breach, even the biggest companies can get overrun to filter all alerts. Consider setting up or hiring an MSSP that offers a security operations center (SOC) to do around-the-clock monitoring, evaluation and response of all security alerts 24/7. With the people, processes and platform to continuously look across the entire organization’s networks, servers, endpoints, applications and databases, professional expert knowledge is necessary to detect and dig into potential threats.
Encrypt credit-card data. If you have older POS equipment that sends raw credit-card data to a back-office server, it might be time to upgrade. Modern, secure POS systems encrypt credit-card data as soon as a card is swiped, and they immediately send that data to the payment processor without temporarily storing it. Double-check your POS system to make sure it complies with PCI standards.
Free evaluation of your risk. With stolen credit-card data value on the decline in the black market and the continued rise of ransomware attacks, retailers are particularly vulnerable to retail ransomware. Find out your risk level and revenue impact potential with a free security self-assessment.
This list might seem daunting, but working with the right security partner can make it very manageable and affordable. As a retailer, make the top priority of your New Year’s resolution list to take the right steps to avoid any potential of facing a cyberattack.
Aaron Branson, vice president at Netsurion, is a digital-marketing strategist with a focus on digital experience management (DXM) platforms, marketing automation and UX, along with a particular interest in cybersecurity evangelism. Catch up with him on LinkedIn or follow him on Twitter.
Read more about:
AgentsYou May Also Like