HO. HO. HO. It’s holiday season … and prime time for hackers to make a data haul compromising your systems and selling their gifts on the digital black market.
Remember that fateful day in December a few years ago when a data breach at Target compromised 110 million credit/debit-card wielding shoppers?
According to an article in ZDNet discussing the likely scenarios of the Target intrusion, the cyber attackers spent preliminary time intelligence-gathering on Target’s systems and suppliers. With the supplier list in hand, they backed their way into Target’s corporate network by compromising a third-party HVAC vendor using a phishing email, which duped at least one employee. This allowed the cyber attacker to install the Citadel trojan into the vendor’s network.
They then used Citadel to glean login credentials of portals used by the vendor to access Target’s internal network. After gaining control of the Target servers, they went after the point-of-sale systems, stole the credit/debit card information, and dumped the information to a secure, remote server. The cyber attackers then moved the stolen data to off-site file transfer protocol (FTP) servers to sell the data to willing bidders.
Why Financial Institutions Are at Risk
While storefront and online retailers are obvious targets between Black Friday and Cyber Monday, those businesses aren’t the only ones susceptible to being targeted during the holidays. Banks are also common targets as they process thousands of transactions every day during the last two months of the year. In 2018, more than 25% of all malware attacks hit banks and other financial services organizations, along with 212% year-over-year increases in the number of compromised credit cards. While phishing email campaigns were common tactics to penetrate banks, distributed denial of service (DDoS) attacks were up 37% in the first half of 2018.
How to Prepare for the Surge in Holiday Cyber Attacks
During the busy holiday transaction season, don’t leave anything to chance. Here are five ways managed security solutions can help.
- Provide around-the-clock monitoring – Managed security solutions can proactively monitor the security integrity of your entire infrastructure. Security experts identify patterns of events indicating possible cyber threats, determine the risk and act quickly. For retailers and financial institutions, whitelisting endpoints, websites, point-of-sale terminals, ATMs and kiosks can also be effective in permitting only pre-approved applications to run on your systems. Enforcing whitelist policies can go a long way to prevent malware or harmful security attacks to run on POS devices.
- Build an ironclad, multi-tier defense – Early-warning detection requires limiting exposure from any perimeter. Managed, cloud-based security can provide multiple layers of defense, including strong firewall protection, vulnerability detection, virtual private network monitoring, content filtering, intrusion prevention, virus shield and failover options. With phishing and DDoS attacks on the rise in the financial sector, real-time threat intelligence and centralized network management are key to proactively stopping cyber attacks before they become major downtime events.
- Ensure systems are up to date – Unpatched systems and vulnerable default settings are common vectors of attacks. Managed security solutions can keep your systems current and optimized with regularly scheduled patch management to minimize risks used to exploit data breaches. Remember, it takes as few as five days from new attack vector discovery to weaponization, widening access to fast, efficient tools to do harm.
- Limit or disable vendor access to your network – We read above how cyber attackers used a third-party supplier to navigate vendor portals and access Target’s network. Managed security providers can help you regularly audit your vendors and strengthen the use of two-factor authentication and password vault management to secure usernames and master passwords in an encrypted format.
- Minimize downtown with data backups – To stay ahead of a potential data breach, it’s vitally important that you can seamlessly recover your data. Managed data backup and disaster recovery solutions can restore your entire virtual environment in minutes. Backups are disconnected from your network to eliminate ransomware lockup or compromised data. Information is sent over an encrypted internet connection to a secure, compliant data center.
Are you prepared for a rise in cyber-attacks over the holidays? Learn more by downloading our free mini-booklet “Five Ways Managed Security with Magna5 Can Safeguard Your Organization” or schedule a consultation with our security experts.
About The Author
Mike Penn joined Magna5 as Senior Content Developer. His role is to bring to life stories that inspire or inject clarity in how managed services and emerging trends can be applied to help organizations operate better and more efficiently.