Successful cybercriminals are a lot like pickpockets in a Charles Dickens novel: they carefully monitor their victim by blending in or remaining undetected, seeking the opportune moment to steal your valuables.
Instead of jewelry or money, cybercriminals opt for credentials, customer data, and digital wallets.
And we've just learned of a large attack aimed at SMBs.
More than 4,000 small business websites were compromised by hackers to steal credit card and other payment details, according to new research by the UK's National Cyber Security Centre (NCSC).
eCommerce software vulnerability leads to payment data theft
NCSC's Active Cyber Defense program discovered a vulnerability in the payment software Magento, which is connected to Adobe Commerce and has clients from industries across the board, including healthcare, wholesale, retail, and software.
Hackers are exploiting victims using a process called skimming.
"The activity of skimming exploits a vulnerability in software used at the checkout page on shopping sites to divert payments and steal details of unsuspecting customers. The National Cyber Security Centre—a part of GCHQ—proactively identified 4,151 compromised online shops up to the end of September and alerted retailers to these security vulnerabilities.
The majority of the online shops used for skimming identified by the NCSC had been compromised via a known vulnerability in Magento, a popular e-commerce platform."
While the vulnerabilities in Magento have been patched and updated, NCSC provides guidelines for small businesses that may be moving from a purely physical storefront to a digital one.
Potential threats of not securing a retail website
Cybercriminals are more likely to go after low hanging fruit, such as a website with minimal security, seeking out things like weak passwords or known vulnerabilities.
Holidays and family vacations—when security team members are out of the office and retail business is booming—can make early detection more difficult, too.
Sarah Lyons, NCSC's Deputy Director for Economy and Society, discusses the importance of preparing for cyberattacks, regardless of organizational size.
"We want small and medium-sized online retailers to know how to prevent their sites being exploited by opportunistic cyber criminals over the peak shopping period. Falling victim to cybercrime could leave you and your customers out of pocket and cause reputational damage.
It's important to keep websites as secure as possible and I would urge all business owners to follow our guidance and make sure their software is up to date," Lyons said.
CISA Director Jen Easterly tweeted out the agency's alert with a message.
Because people may be getting used to "the new normal," this shopping season is critical for many business owners.
"Given the economy overall is recovering from Covid impacts, this is an even more important shopping season than there probably has ever been. Ensuring that you've got resiliency in place for your central backup infrastructure is something that [retailers] can immediately do," Simon Jelley, General Manager and VP of Product for Veritas Technologies, told Politico.
For more information on the small business cyberattack, read the blog at ncsc.gov.uk.
And the U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning cybersecurity teams in all industries to be on high alert.
Resources
Visit SecureWorld's events page to see upcoming virtual and in-person conferences, which feature industry experts speaking to best practices for cybersecurity.
