Most Updated News on How to Protect Against DoS Attacks!

1. Security Company CloudFlare leaks sensitive customer information for tens of thousands of websites
2. Cloudflare bug data leak exposed
3. Deutsche Telekom Cyber Attack ‘Mastermind’ Arrested At London Airport
4. Bitfinex Targeted in “Severe” DDoS Attack Amid Bitcoin Price Surge
5. Homeland Security Wants To End The Scourge Of DDoS Attacks
6. 74 Percent of Companies that Suffer a Data Breach Don’t Know How It Happened
7. Blame the US, not China, for the recent surge in massive cyberattacks
8. Majority of DDoS Attacks in October-December 2016 Conducted From Germany, UK, US
9. University suffers DDoS attack after it’s schooled by own IoT devices
10. What retailers need to know about cybersecurity

Security Company CloudFlare leaks sensitive customer information for tens of thousands of websites

cloudflare: Cloudflare Reverse Proxies are Dumping Uninitialized Memory

(It took every ounce of strength not to call this issue "cloudbleed")

Corpus distillation is a procedure we use to optimize the fuzzing we do by analyzing publicly available datasets. We've spoken a bit about this publicly in the past, for example:

https://security.googleblog.com/2011/08/fuzzing-at-scale.html


http://taviso.decsystem.org/making_software_dumber.pdf#page=11

On February 17th 2017, I was working on a corpus distillation project, when I encountered some data that didn't match what I had been expecting. It's not unusual to find garbage, corrupt data, mislabeled data or just crazy non-conforming data...but the format of the data this time was confusing enough that I spent some time trying to debug what had gone wrong, wondering if it was a bug in my code. In fact, the data was bizarre enough that some colleagues around the Project Zero office even got intrigued.

It became clear after a while we were looking at chunks of uninitialized memory interspersed with valid data. The program that this uninitialized data was coming from just happened to have the data I wanted in memory at the time. That solved the mystery, but some of the nearby memory had strings and objects that really seemed like they could be from a reverse proxy operated by cloudflare - a major cdn service.

A while later, we figured out how to reproduce the problem. It looked like that if an html page hosted behind cloudflare had a specific combination of unbalanced tags, the proxy would intersperse pages of uninitialized memory into the output (kinda like heartbleed, but cloudflare specific and worse for reasons I'll explain later). My working theory was that this was related to their "ScrapeShield" feature which parses and obfuscates html - but because reverse proxies are shared between customers, it would affect *all* Cloudflare customers.

We fetched a few live samples, and we observed encryption keys, cookies, passwords, chunks of POST data and even HTTPS requests for other major cloudflare-hosted sites from other users. Once we understood what we were seeing and the implications, we immediately stopped and contacted cloudflare security.

This situation was unusual, PII was actively being downloaded by crawlers and users during normal usage, they just didn't understand what they were seeing. Seconds mattered here, emails to support on a friday evening were not going to cut it. I don't have any cloudflare contacts, so reached out for an urgent contact on twitter, and quickly reached the right people.



After I explained the situation, cloudflare quickly reproduced the problem, told me they had convened an incident and had an initial mitigation in place within an hour.

"You definitely got the right people. We have killed the affected services"

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1139

Cloudflare bug data leak exposed

Private messages exchanged on dating sites, hotel bookings and frames from adult videos were among the data inadvertently exposed by a bug discovered in the Cloudflare network.

The firm protects websites by routing their traffic through its own network, filtering out hack attacks.

It has 4 million clients, including banks, governments and shopping sites.

Customers wouldn’t necessarily know which of the online services they use run on Cloudflare as it is not visible.

The bug came to light while Cloudflare was migrating from older to newer software between 13 – 18 February.

Chief operating officer John Graham-Cumming said it was likely that in the last week, around 120,000 web pages per day may have contained some unencrypted private data, along with other junk text, along the bottom.

He told the BBC there was no evidence yet that the data had been used maliciously.

“I can’t tell you it’s zero probability that nobody saw something and did something mischievous,” he said.

“I am not changing any of my passwords. I think the probability that somebody saw something is so low it’s not something I am concerned about.”

‘Ancient software’

Mr Graham-Cumming has written a blog about what went wrong and how Cloudflare fixed it.

“Unfortunately, it was the ancient piece of software that contained a latent security problem and that problem only showed up as we were in the process of migrating away from it,” he wrote.

The firm, whose strapline is “make the internet work the way it should”, has also been working with the major search engines to get the data scrubbed from their caches – snapshots taken of pages at various times.

It was discovered by Google engineer Tavis Ormandy, who compared it to the 2014 Heartbleed bug.

“We keep finding more sensitive data that we need to clean up,” he wrote in a log of the discovery.

“The examples we’re finding are so bad, I cancelled some weekend plans to go into the office on Sunday to help build some tools to clean up.”

Dodged bullet

Cybersecurity expert Prof Alan Woodward said the bug had been caused by “a few lines of errant code”.

“When you consider the millions of lines of code that are protecting us out there on the web, it makes you realise that there are bound to be other problems likely to be waiting to be found,” he said.

“It’s too soon to tell exactly what damage may have been done, but because of the way in which this was found the chances of individuals being compromised is relatively small.

“What it shows, bigly, is that we may have just dodged a bullet.”

Source: http://www.bbc.com/news/technology-39077611

Deutsche Telekom Cyber Attack ‘Mastermind’ Arrested At London Airport

The police plan to extradite him to Germany where he could face up to ten years in prison

A 29-year-old British man suspected of being behind the cyber attack which affected 900,000 Deutsche Telekom customers has been arrested at Luton Airport.

The German telecoms giant was forced to roll out a software update in November after nearly a million of its customers across the country were either cut off, or had issues with their broadband service.

The UK’s National Crime Agency (NCA) today said it has arrested the man under charges of computer sabotage on behalf of Germany’s federal criminal police force (BKA).

Attack suspect

Cologne public prosecutor Dr Daniel Vollmert said the man is “accused of being the mastermind behind the attack”, with the police planning to extradite him to Germany where he could face up to ten years in prison.

He supposedly planned to hack the Deutsche Telekom router in order to integrate it into a networked “botnet” for cyber criminal activities, and prosecutors allege that he tried to sell the botnet on the dark web for “attack scenarios like so-called DDoS attacks”.

At the time, Deutsche Telekom was able to mitigate the attack by instructing customers to disconnect their routers and only restart them after carrying out a software update.

Attacks such as this were extremely prevalent throughout 2016, as businesses struggled to come to terms with a growing attack surface and the increased sophistication of cyber attacks, emphasising a need for next generation security products.

DDoS attacks in particular are a serious threat to businesses. Earlier this month a suspected DDoS attack took down the Austrian Parliament website and the same type of attack was deemed responsible for an outage at Lloyds Banking Group in January that left customers unable to access online banking services for three days.

Corero Network Security warned businesses to prepare for bigger and badder DDoS attacks in 2017 and, if the first two months of the year are anything to go by, this prediction looks set to come true.

Source: http://www.silicon.co.uk/security/deutsche-telekom-attack-arrested-206020

Bitfinex Targeted in “Severe” DDoS Attack Amid Bitcoin Price Surge

Prominent bitcoin exchange Bitfinex revealed it was struck by a significant DDoS attack late Tuesday night (UTC).  However, the denial of service attack was promptly mitigated, with minimal impact on operations.

The Hong Kong-based cryptocurrency exchange confirmed it was “under severe DDoS attack” on a social media post yesterday. The attack coincides with bitcoin prices reaching some of the highest prices set in its entire history, as bitcoin-seeking extortionists continue to attack the most straightforward target for demanding bitcoin ransoms.

The disruption impacted users, some of whom pointed to the crypto-exchange’s chosen DDoS protection service CloudFlare blocking API functions.

The exchange further confirmed that API performance took a hit.

The attacks began late Tuesday night as Bitfinex began investigating the disruption at 21:34 UTC. To its credit, Bitfinex took measures to identify and block the DDoS attack in a 15-minute monitoring period.

“We have taken steps to identify and block the attack. The system is returning to normal” the exchange confirmed soon after.

Information from its status page reveals that all services were back to normal, less than an hour after the attack caught attention.

Bitfinex has faced outages due to DDoS attacks in the past. In mid-2015, when the website was still in its “beta” phase, the website was completely knocked offline following a DDoS attack. The exchange had previously made headlines that year following a hack of its hot wallet. It is speculated that just about 0.5 percent of the exchange’s bitcoin holdings, approx. 1,400 BTC, was stolen during the hack. The hack pales in comparison to the infamous 2016 theft of nearly 120,000 bitcoins, approx. $65 million at the time, which promptly sent bitcoin price crashing after the exchange suspended trading.

In recent times, Bitfinex has become the dominant bitcoin exchange by daily trading volume globally.

Figures from CoinMarketCap reveal the Hong Kong-based exchange leading others by a significant distance.

Bitfinex also leads the pack in overall trading of cryptocurrencies including bitcoin, followed by Kraken.

Source: https://www.cryptocoinsnews.com/bitfinex-targeted-in-severe-ddos-attack-amid-bitcoin-price-surge/

Homeland Security Wants To End The Scourge Of DDoS Attacks

In 2017, Homeland Security has as much to do with securing digital borders as it does geographical ones. One push the DHS is leading to make cyberspace safe for Americans is the DDoSD project.

The first four letters — DDoS — should be familiar enough by now. We’ve seen numerous distributed denial-of-service attacks in the recent past, with targets ranging from African wireless carriers to cybercrime bloggers to one of the largest DNS providers in the world.

It’s the last letter in DDoSD that makes all the difference. That D stands for defense, and the Department of Homeland Security’s Cyber Security Division (CSD) is funding multiple systems that have the potential to stem the rising tide of DDoS attacks.

In a post published last week, the DHS stated that its goal is to “build effective and easily implemented network defenses and promote adoption of best practices by the private sector.” With the right tools and the public’s cooperation, the DHS hopes “to bring about an end to the scourge of DDoS attacks.”

The DHS post points to a best practices document that was shared by The Internet Society way back in the year 2000. That document describes “a simple, effective, and straightforward method for using[…]traffic filtering to prohibit DoS attacks.” It’s a good starting point, but the DHS post notes that no one defense system can repel every attack.

That’s why the DHS has multiple teams working on multiple solutions. One is a peer-to-peer system that would allow Internet providers around the globe to collaborate on the automated detection and mitigation of DDoS attacks. Others are focused on neutralizing high-powered attacks.

There’s still work to do, but it’s great to see the DHS leading a coordinated effort because something needs to be done. Last year, DDoS protection provider Imperva Incapsula reported helping its customers fend off an average of 445 attacks every week. Their intensity increased dramatically, too, up from around 200Gbps in 2015 to 470Gbps in 2016.

Add in a report from Verizon that named the three biggest targets of DDoS attacks as cloud and IT service providers (49% of all attacks), the public sector (32%), and banks (9%), and it becomes very clear why we need the DDoSD project to succeed.

Source: http://www.forbes.com/sites/leemathews/2017/02/20/homeland-security-wants-to-end-the-scourge-of-ddos-attacks/#527bd1556c0f

74 Percent of Companies that Suffer a Data Breach Don’t Know How It Happened

And just two thirds of IT pros say their current IT security budget is sufficient, a recent survey found.

According to the results of a recent survey [PDF] of 250 IT professionals, 34 percent of companies in the U.S. were breached in the past year, and 74 percent of the victims don’t know how it happened.

The survey, conducted by iSense Solutions for Bitdefender, also found that two thirds of companies would pay an average of $124,000 to avoid public shaming after a breach, while 14 percent would pay more than $500,000.

One third of CIOs say their job has become more important in their company’s hierarchy, and another third say their job has been completely transformed in the past few years.

And while nine in 10 IT decision makers see IT security as a top priority for their companies, only two thirds say their IT security budget is sufficient — the remainder say they would need an increase of 34 percent on average to deliver efficient security policies.

Cloud security spending increased in the past year at 48 percent of companies, while the budget for other security activities remained the same.

On average, respondents say only 64 percent of cyber attacks can be stopped, detected or prevented with their current resources.

Separately, a survey of 403 IT security professionals in the U.S., U.K., Canada and Europe found that only three percent of organizations have the technology in place and only 10 percent have the skills in place to address today’s leading attack types.

The survey, conducted by Dimensional Research and sponsored by Tripwire, also found that just 44 percent of organizations have the skills, and 43 percent have the technology, to address ransomware attacks effectively.

“Most organizations can reasonably handle one or two key threats, but the reality is they need to be able to defend against them all,” Tripwire senior director of IT security and risk strategy Tim Erlin said in a statement. “As part of the study, we asked respondents which attack types have the potential to do the greatest amount of damage to their organization. While ransomware was cited as the top threat, all organizations were extremely concerned about phishing, insider threats, vulnerability exploitation and DDoS attacks.”

Respondents felt most confident in their skills to handle phishing (68 percent) and DDoS attacks (60 percent), but less confident in their abilities to deal with insider threats (48 percent) and vulnerability exploitations (45 percent).

Similarly, respondents felt more confident in the technology they have in place to address phishing (56 percent) and DDoS attacks (63 percent), but less confident in the technology to address insider threats (41 percent) and vulnerabilities (40 percent).

A separate survey of 5,000 U.S. consumers by Kaspersky Lab and HackerOne found that 22 percent of respondents are more likely to make a purchase if they know a company hired hackers to help boost security.

Knowing what they do about their own company’s cyber security practices, just 36 percent of respondents said they would choose to be a customer of their own employer.

Almost two in five U.S. adults don’t expect companies to pay a ransom if hit by ransomware.

When asked what types of data they would expect a company to pay a ransom for, 43 percent expect companies to do so for employee Social Security numbers, followed by customer banking details (40 percent) and employee banking details (39 percent).

Source: http://www.esecurityplanet.com/network-security/74-percent-of-companies-that-suffer-a-data-breach-dont-know-how-it-happened.html

Blame the US, not China, for the recent surge in massive cyberattacks

The internet’s new scourge is hugely damaging global attacks that harness armies of routers, cameras, and other connected gadgets—the so-called Internet of Things (IoT)—to direct floods of traffic that can take down swaths of the network.

The blame so far has largely fallen on the Chinese manufacturers who churn out devices with shoddy security on the cheap. But all those devices have to be plugged in somewhere for them to be used maliciously. And American consumers are increasingly the ones plugging them in.

Nearly a quarter of the internet addresses behind these distributed denial-of-service, or DDoS, attacks are located in the United States, new research from network services firm Akamai has found. Some 180,000 US IP addresses took part in DDoS attacks in the last quarter of 2016, it found—more than four times as many as addresses originating in China.

Akamai’s findings are particularly notable because the armies of hacked devices that carry out DDoS attacks—such as those controlled by the Mirai malware—don’t bother covering their tracks. That means the IP addresses are far more likely to genuinely correspond to a location within a certain country, the report’s authors write.

The findings also end an era of Chinese dominance in DDoS attacks. Over the previous year, China has accounted for the highest proportion of IP addresses taking part in such attacks globally. Now the US is the clear leader, accounting for 24% of such addresses. The UK and Germany are a distant second and third. (To be clear, though, wherever the attacking devices’ IP addresses are, the person controlling them could be located anywhere.)

The huge number of devices taking part in DDoS attacks in the US means regulation there, and in Europe, could stem the flood of damaging traffic. Of course, IoT regulation is a thorny issue—essentially, no US federal agency really wants to take the problem on—and there remain technical questions over how to actually go about blocking the attacks. Still, it’s a lot clearer now that simply pointing the finger at China isn’t enough.

Source: https://qz.com/912419/akamai-akam-report-a-quarter-of-ddos-ip-addresses-are-now-from-the-us/

Majority of DDoS Attacks in October-December 2016 Conducted From Germany, UK, US

According to reports, United States, the United Kingdom and Germany became the top three source countries for DDoS attacks in October-December 2016.

MOSCOW (Sputnik) – The United States, the United Kingdom and Germany became the top three source countries for DDoS attacks in October-December 2016, an Internet company dubbed Akamai said in a report Wednesday, adding that the overall number of attacks in 2016 increased by 4 percent compared to the previous year.

“The top three source countries for DDoS attacks were the U.S. (24%), the U.K. (10%), and Germany (7%). In the past year, China dominated the top 10 list of source countries. In Q4 2016, China dropped to the fourth position overall, with 6% of traffic,” the State of the Internet / Security Report said.

Russia became the fifth country in the list, with 4.4 percent of attacks.

“The average number of DDoS attacks remained steady this quarter [October-December 2016] at 30 per target, indicating that after the first attack, an organization has a high likelihood of experiencing another,” the report said.

The study notes that the number of IP addresses used for DDoS attacks significantly increased in the last quarter of 2016.

The report also provides data regarding attacks in January-September 2016, with China, the United States, Turkey and the United Kingdom being the top source countries for attacks.

Source: https://sputniknews.com/world/201702151050711562-ddos-atacks-internet/

University suffers DDoS attack after it’s schooled by own IoT devices

Infected vending machines and light bulbs teach establishment a lesson.

A PLACE WHERE late stage teenagers go to drink and make arses of themselves has fallen victim to a denial of service (DDoS) attack of, essentially, its own making.

Yeah, we are talking about a university. We do not know what university it is, but Verizon’s breach report for 2016 tells us that the mysterious educational establishment, probably in the US, was taken to its knees by a DDoS attack that was brought about by its own bloody Internet of Things (IoT) devices.

It’s kinda like that Mirai thing, but on a much smaller, and more personally embarrassing scale. We like to imagine that a connected toaster and a connected fridge had a fallout and that everything went bits up.

According to Bleeping Computer, which has had a cheeky look at the Verizon report, it was a bit more pedestrian than that.

“The DDoS attack was caused by an unnamed IoT malware strain that connected to the university’s smart devices, changed their default password, and then launched brute-force attacks to guess the admin credentials of nearby devices,” Verizon says as it explained that something fishy went down.

“Hacked devices would start an abnormally high level of DNS lookups that flooded the university’s DNS server, which in turn resulted in the server dropping many DNS requests, including legitimate student traffic. The university’s IT team said that many of these rogue DNS requests were related to seafood-related domains.”

The university has placed all IoT devices, such as light bulbs and vending machines, on its separate subnet, or perhaps in a bin. The security industry reckons that this is a signal of the kind of unprotected troubles to come. Naturally.

“On the surface this appears to be more of a prank than a sophisticated denial of service attack. However, proving that largescale IoT takeovers are possible should be a wakeup call to those who manage networks rife with unsecure IoT devices,” said Stephen Gates, chief research intelligence analyst at NSFOCUS by way of introduction.

“Municipal, Industrial, Commercial, and now Educational infrastructures are becoming more and more vulnerable, because organisations often carelessly deploy IoT without understanding the ramifications of weak IoT security.

“In this case the damage appears to be limited, and only inconvenienced users on a campus network.  Do the same to a transportation system, a chemical plant, a hospital complex, an E911 system, or an ISP, and the damage could be much, much greater.”

Source: http://www.theinquirer.net/inquirer/news/3004579/university-suffers-ddos-attack-after-its-schooled-by-own-iot-devices#

What retailers need to know about cybersecurity

Annual global costs tied to destruction of data, intellectual property theft, lost productivity and fraud are on pace to reach $6 trillion by 2021. Here’s how retailers can avoid becoming a statistic.

Cybercrime is big business — and retailers are squarely in the crosshairs.

Cybercrime — the catch-all term applied to an ever-expanding range of digital assaults from malware to theft of personal data to distributed denial-of-service attacks (DDoS, i.e. coordinated traffic onslaughts on servers, systems or networks designed to make the target difficult or impossible for legitimate users to access) — is rapidly growing more common, more dangerous and more complex. Service interruptions from DDoS attacks alone surged 162% in 2016. Cybercrime is also growing more lucrative: Nearly 90% of all cyberattacks now involve financial or espionage motivations, according to the Verizon 2016 Data Breach Investigations Report. Corresponding annual global costs related to damage and destruction of data, intellectual property theft, lost productivity and fraud are on pace to grow from $3 trillion in 2015 to $6 trillion by 2021.

While the second half of 2016 brought to light three of the largest data breaches ever recorded (two raids on web platform Yahoo that impacted at least 1.5 billion accounts combined; the other affecting about 412 million accounts across social network Adult Friend Finder), retailers in fact experience the most cyberattacks of any industry sector — about three times as many as the previous top target, the financial industry — information and communications technology firm NPD Group reports. The list of victims is long and ignominious, and includes Target, Home Depot, Eddie Bauer and Vera Bradley.

The question isn’t if and when yet another retailer will fall victim in the weeks and months ahead, experts say, but simply where the wheel of misfortune will land next.

“You’ll never be able to put up perimeters and defenses to stop the behavior of malicious attackers. Organizations need to accept the fact that if they’re not breached today, they likely will be breached at some point in the future,” Paul Truitt, vice president of cybersecurity services at managed network solutions firm SageNet, told Retail Dive. “Getting ahead of the criminal and stopping them before they do what they’re going to do is a losing battle. But acting quickly and having the processes in place to respond when it does happen is achievable, and if every organization had that in place, we could significantly shorten the average data breach notification and identification, and also create much less juicy targets for the bad guys.”

Threat assessment

Retailers are like catnip to cybercriminals because of the wealth of customer data stored on their networks. While hijacking credit card account data has long been the primary objective — about 42 million Target shoppers had their credit or debit information stolen when the retailer was breached in late 2013 — thieves are also keen to acquire personal data like names, mailing addresses, phone numbers and email addresses.

“There’s a lot of data around shopping habits and purchasing patterns now being stored by retailers — information they never had before,” Truitt said. “If you’re tying a loyalty program to a mobile payment program, those payment programs are bringing more sensitive data into the retail organization than in the past, and that’s what criminals are looking for.”

The threat isn’t lost on retailers. Fully 100% of retail executives surveyed for the 2016 BDO Retail RiskFactor Report cited data privacy and security breaches as major business risks, up from 55% in 2011 and 26% in 2007. But according to Truitt, relatively few retailers have advanced their cybersecurity efforts beyond implementing the basic safeguards necessary to meet payment card industry (PCI) security standards.

“[Cybersecurity] varies by retailer,” he said. “We still see a lot of retail organizations putting their eggs into the PCI basket. The feeling is that they’ve secured their organizations by meeting PCI compliance requirements, but in reality, the vectors of attack are outside what PCI mandates needs to be done. When you think about security programs focusing only on PCI at best, we’re going to see a lot of data continue to be exposed.”

The media fallout and brand damage associated with past merchant data breaches (not to mention the legal costs and governmental penalties, which can run into the millions) are driving retailer cybersecurity awareness and investment, says Robert Horn, associate director at insurance and risk management solutions provider Crystal & Co.

“Retailers have been forced to increase their cybersecurity because of the breaches we’ve had in the last several years. Your public perception takes a hit, there’s customer churn, and the fines and penalties are increasing,” Horn told Retail Dive. “Cybersecurity is getting much more attention from the C-suite. Before, just the IT director was involved. Now you’ve got legal, you’ve got corporate governance, you’ve got the CFOs and the CEOs wanting to know what’s going on.”

But knowing what’s going on is easier said than done, because cybercrime evolves with mind-boggling speed. What began two decades ago with relatively simple viruses and website attacks hatched by malcontents seeking internet notoriety has rapidly mutated into discrete, laser-targeted and highly sophisticated offensives masterminded by thieves, hackers and extortionists motivated by financial gain.

“There isn’t a single organization that can say they’re 100% secure,” Maarten Van Horenbeeck, vice president of security engineering at content delivery network Fastly, told Retail Dive. “But there are organizations that have the maturity and the smart people to say, ‘We understand what is happening, and we believe we know how to defend against it and how to protect our customer data.’”

Personnel and protection

Understanding what’s happening begins with identifying potential cracks in your armor. Verizon found that most attacks exploit known vulnerabilities that businesses failed to patch, despite software providers making patches available months or even years prior to the breach taking place. In fact, the top 10 known vulnerabilities account for about 85% of all successful exploits each year. Avoiding disaster also depends on recognizing the warning signs and criminal patterns: 95% of breaches and 86% of security incidents fall into nine established exploit patterns.

Building a more secure retail business begins with smart personnel decisions. “The single biggest thing an organization can do today is hire the right people. There are so many technologies out there,” Van Horenbeeck said. “It’s like putting together a puzzle of the correct pieces to make sure you’re defending yourself against attack. You need to hire the right people who understand that puzzle, and who know how to make the organization as safe as possible.”

Perhaps no retail security solution has generated more headlines and discussion than the fall 2015 shift from traditional “swipe-and-signature” credit and debit cards to chip-enabled EMV cards, a move designed in part to better protect consumers from escalating transaction fraud. While EMV (which takes its name from Europay, MasterCard and Visa, the three companies that created its chip-integrated standard) effectively blocks card cloning and other commonplace criminal tactics, its security innovations are limited to transactions where the physical card is present, meaning many cyberthieves are shifting their focus from brick-and-mortar stores to the web.

That means retailers dependent on e-commerce must embrace software solutions including end-to-end software encryption, a method of secure communication that prevents hackers, internet service providers or any other third party from accessing, stealing or damaging cardholder data or other information during its transfer from one system or device to another.

“Organizations that have made investments in EMV but did not invest in end-to-end encryption have a risk misperception,” said SageNet’s Truitt. “They believe they are secure, but they’ve only accomplished authentication of credit cards. They’ve accomplished nothing related to the security of the actual transaction. Many retailers that don’t have security teams internally, or that outsource their security fully and don’t have anyone with that knowledge in-house, have misinformed themselves about what EMV is doing. We’re going to see more organizations put fewer security controls in place and reduce some spend, because they think they have put the right security in place. But they’ve left themselves more exposed than they used to be.”

Beyond the basics, retailers should also consider adopting data loss prevention solutions to help monitor, manage and protect confidential data wherever it’s stored or used, as well as emerging tools like advanced behavioral authentication (methodologies that monitor headquarters and store employees’ attributes and behaviors to prevent imposters from accessing infrastructure and data), data-mining and visualization techniques, and security response automation.

There’s no time to waste. Experts anticipate cybercrime to continue to increase in the months to come, and warn that emerging technologies like the Internet of Things and advances in artificial intelligence present a multitude of new opportunities for attack. Only the strong will survive.

“It’s hard to predict what new threats will come about,” said Horn. “[Security] all comes down to putting resources into cybersecurity teams. A bad breach can put you out of business.”

Source: http://www.retaildive.com/news/what-retailers-need-to-know-about-cybersecurity/435567/
