From the back office to the till: Cybersecurity challenges facing global retailers

It’s hardly surprising that the retail sector is one of the most frequently targeted globally, with retail sales in the US alone projected to top $5.2 trillion in 2022. Consumers’ money and data have for years been a big potential prize for cybercriminals to get their hands on, and the surge in digital investment and online shoppers prompted by the pandemic has only made retail a more attractive prospect for would-be hackers. Malicious insiders, negligent staff and misconfigured or vulnerable software across networks, endpoints and point of sale (POS) devices have all widened the corporate attack surface over the years.

In this context, cybersecurity plays a critical role in protecting customers’ personal and financial data, keeping ransomware at bay and preserving brand reputation. Ultimately it is a means of seizing opportunity – the opportunity to drive closer customer engagement and grow business.

As a new report from ESET makes abundantly clear, the pandemic has already had an outsize impact on the sector. How well retailers can manage the surge in online threats may define their long-term success in a post-pandemic world.

ESET industry report on retail: Evolving threats to data and payments

What’s at stake?
COVID-19 has helped to transform retail organizations from the back office to the POS terminal. It’s also exposed them to new cyber-risks. Mass remote working made tools like Microsoft Exchange and Kaseya more popular for communication and IT management. They were duly exploited en masse for data theft and extortion.

More broadly, retailers are exposed at multiple points in their IT infrastructure, including customer databases, POS terminals, marketing automation, web search optimization tools, and payment processing platforms and services. We’ve seen everything from phishing to ransomware, man-in-the-middle attacks to SIM swapping and spoofed mobile apps. In fact, the tactics, techniques and procedures (TTPs) used more broadly in COVID-themed attacks are all present in targeted campaigns against retail customers and businesses.

From POS to e-commerce
POS was traditionally the number one target for data-hungry attackers – most notably in the high-profile breaches of tens of millions of accounts at Target and Home Depot several years back. There’s still a threat here today, as we saw with the discovery of the ModPipe POS malware and the impact of the Kaseya supply chain attacks on some retailers’ POS systems. However, the widespread adoption of EMV cards – which can’t be cloned as easily using stolen POS data – and new systems like Apple Pay are starting to force more malicious activity online.

That general trend was given a huge push with the advent of COVID-19, with online as a percentage of total retail sales increasing from 16% to 19% in 2020. Here’s a snapshot of some typical e-commerce threats today:

  • Magecart-style digital card skimming malware has become a major risk to online retailers. One gang compromised over 2,800 digital stores in just a few days. Another skimming campaign resulted in a £20 million fine for British Airways.
  • More sophisticated card-stealing malware has even been found lurking in CSS files, social media sharing icons, and favicon metadata in a bid to outwit security tools.
  • IIStealer malware, discovered by ESET researchers, is a particularly sophisticated way to steal customer credit cards. It compromises web servers, waiting for users to check out and pay for items. After saving the related credit card information without impacting the user experience, the malware exfiltrates the data to the attackers, hiding it in legitimate website traffic. In this instance, even the HTTPS padlock is no protection for users, as IIStealer waits for requests to be decrypted on the server side before logging information from them.
  • E-commerce plugin malware, such as a 2020 campaign that exploited security bugs in the WordPress plugin WooCommerce to provide access to the website’s database.

Protecting e-commerce servers
For retailers, these risks are heightened by the presence of rigorous data protection regulations like the GDPR and the Californian CCPA, alongside industry data security standard PCI DSS. Non-compliance could result in major fines and reputational damage, leading to customer churn – a serious risk in an industry where loyalty is hard won but easily lost.

There are no silver bullets for solving these challenges. And best-practice cybersecurity should have multiple layers to it, from the end user to the endpoint. But at a high level, retail IT security teams can help to mitigate some of these risks by better securing their back-end e-commerce servers. Consider the following:

  • Use dedicated accounts with strong, unique passwords for admins
  • Require multifactor authentication (MFA) on all administrative and more privileged accounts for extra protection
  • Regularly update the server’s operating system and applications, and carefully consider which services are exposed to the internet to reduce the risk of exploitation
  • Protect customer data at rest with encryption, which will render it useless to thieves
  • Consider using a web application firewall, as well as a reputable security solution on your server
  • Deploy robust, multi-layered endpoint defenses to prevent, detect, and respond to threats

Retailer IT environments span everything from back-end logistics and CRM to the front-end e-commerce store and POS terminals in brick-and-mortar stores. That’s a large target for the bad guys to aim at. As online business continues to grow and digitally transform, the key to competitive advantage will increasingly be defined by how well risk-based cybersecurity strategies stack up.

About Version 2 Limited
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.

CyberLink’s FaceMe® Receives FIDO Alliance UAF Level 1 Certification

As a UAF Level 1 Certified FIDO Alliance member, CyberLink’s FaceMe shows the world that it meets a variety of stringent identity verification standards that are required in today’s global financial and technology industries.

Taipei, Taiwan – December 14, 2022 – CyberLink Corp., a pioneer of AI and facial recognition technology, announced that its facial recognition engine, FaceMe®, has received FIDO Alliance’s UAF Level 1 Certification. This certification means that FIDO Alliance has recognized a number of advanced FaceMe security and interoperability protocols that meet the financial services industry’s strict security requirements, such as using multi-factor authentication over traditional password login. These requirements cover a broad range of online interactions that range from basic content access to transaction enablement, in areas such as banking, securities, insurance, electronic payments, and more.

The FIDO Alliance creates authentication standards to help reduce the world’s over-reliance on passwords. Its certifications have become increasingly popular and necessary, especially among global technology companies which deal with increasingly complex electronic systems and data-sensitive transactions. The FIDO Alliance provides authentication protocols, and its standards are already used by major network technology industries and cloud service providers; their use has also been advocated by various governments.

CyberLink’s FaceMe is not only certified by the FIDO Alliance, but also holds several other certifications and security metrics. FaceMe recently passed the iBeta ISO PAD Level 2 liveness detection test with high scores and is top ranked globally by the National Institute of Standards and Technology’s (NIST) Facial Recognition Vendor Test (FRVT) with an accuracy rate of 99.81% and an error rate (False Match Rate) as low as 1 in 1 million. These metrics are proof points confirming that FaceMe’s industry-leading accuracy and anti-spoofing capabilities can be trusted to effectively prevent misidentification or identity fraud.

Compared to a traditional password login, FaceMe’s facial recognition software is not only more convenient and seamless but is also a more secure form of user identification that’s essential when granting access to highly sensitive information and performing tasks for online banking, securities, insurance, electronic payments, and more. Yuanta Life, Meihao Securities, and the virtual currency exchange CoinTrust are among CyberLink’s customers who are leveraging FaceMe’s facial recognition technology to provide a more secure experience.

CyberLink’s FaceMe Fintech, a financial eKYC (electronic Know Your Client) solution, is also FIDO Certified. Improving the FaceMe experience and enhancing security and privacy protection are top, ongoing priorities at CyberLink. As such, the company will continue to seek opportunities to improve its solutions and submit them to the leading certification programs.

About CyberLink
Founded in 1996, CyberLink Corp. (5203.TW) is the world leader in multimedia software and AI facial recognition technology. CyberLink addresses the demands of consumer, commercial and education markets through a wide range of solutions, covering digital content creation, multimedia playback, video conferencing, live casting, mobile applications and AI facial recognition.  CyberLink has shipped several hundred million copies of its multimedia software and apps, including the award-winning PowerDirector, PhotoDirector, and PowerDVD.  With years of research in the fields of artificial intelligence and facial recognition, CyberLink has developed the FaceMe® Facial Recognition Engine. Powered by deep learning algorithms, FaceMe® delivers the reliable, high-precision, and real-time facial recognition that is critical to AIoT applications such as smart retail, smart security, and surveillance, smart city and smart home. For more information about CyberLink, please visit the official website at www.cyberlink.com

You can judge your monitoring by the tools you use

Whether you are a DIY ace or a master at roast beef, a decorated luthier or the best seamstress in the neighborhood, we all love to work with good tools, right? This includes, of course, good IT professionals, because IT monitoring tools are fundamental when it comes to supervising a network infrastructure and applying the corresponding policies and security measures. Even so, not every monitoring tool is perfect; in fact, some could even get to the point of harming us. Let’s take a look!

Better monitoring tools, better monitoring

It’s instinctively basic: you have to find the right monitoring tool for each job. Indeed, although it may seem unheard of, it is quite difficult for IT teams to find comprehensive and outstanding monitoring tools. Some of them are too specialized or do not support all applications because they might lack certain features. This dilemma can lead IT teams to use hundreds of disparate monitoring tools, due to the need to attend to all monitoring tasks. I know what you are thinking: “That must be expensive”. Yes, it is, plus it slows down the working pace due to the huge amount of reports, each with their own features, to be inspected and checked.

That is why we must avoid tool proliferation, as we avoid the proliferation of gremlins or herniated discs, preventing it through individual monitoring solutions, even if this requires significant changes, such as the implementation of integrated tools, conceived to support multiple applications, or special network configurations.

The most efficient thing would be to go for IT monitoring tools that include updates to support today’s most respected applications and provide IT administrators with a single management board.

Simplifying is the key

If you have to choose a monitoring platform, you should be aware beforehand that different IT sectors require different types of solutions. Try, with a single solution, to address as many sections as possible, thus adding further depth to monitoring activities. Such a single solution will give you a greater ability to automate responses and locate irregular events in any system you are monitoring.

For this reason, IT departments often look for a suite of fully integrated IT tools offered by centralized system management and monitoring companies. These companies often promise to reduce the license and maintenance costs of their software, as well as the use of their monitoring tool integrated in the corresponding environment to help manage the company.

The IT department will reduce costs thanks to these integrated tools, among other things because they already have a strong response to any problem that may arise. In fact, one of the direct benefits is the reduction of incidents that require the action of the support teams. So are general performance visibility and system availability, which increase the total productivity of the company.

But hold on there, before you go running to look for a monitoring tool that suits your company’s requirements and even your zodiac sign, it is TOTALLY NECESSARY to define what justifies monitoring in your company. Remember that each piece of your IT department will have something to say and contribute; there are different features regarding each function, information flow and security clauses. Once you have a full and clear idea of what you and your company need, you may start with a good monitoring strategy.

Application monitoring tools

Application monitoring is, broadly speaking, monitoring activity logs to see how applications are being used. You know, looking at the access roles of the users, the data that is accessed, how this data is used… If your monitoring tool is good, it even shows a window to the log data and an exhaustive view of all the data elements that make up a healthy application: response times, data traces…

Any self-respecting application monitoring tool has to offer these kinds of features, as well as being integrated with database and network monitoring. Thus, together, they will be able to improve application response times through active and immediate solutions to performance problems that arise.

Network monitoring tools

DNS host monitoring, IP address management, packet tracking… This is more or less what all network monitoring tools usually offer. They usually fall short, however, when it comes to supervising everything related to network traffic, whether internally or externally. What they should always provide, under oath, is full surveillance of all devices connected to the network.

Compliance control monitoring

Don’t worry, if you haven’t yet managed to justify implementing a full monitoring tool, compliance monitoring will make up your mind.

Compliance monitoring solutions will provide you with templates based on types of regulations, allowing you to conveniently design and implement a comprehensive compliance monitoring strategy, including the ability to monitor log data, in real time, from any type of device connected to your network, including routers and switches.

Thanks to compliance control monitoring tools you will be able to collect, correlate and export any necessary log information for the IT team. Report templates will be able to align with formats common to regulatory agencies, in addition to providing exhaustive analysis in the case of internal audits.

Conclusions

If we have made something clear today, it is that the system management and monitoring solution you choose must meet a small series of requirements: be integrated into several systems, be accessible to the IT team through an intuitive interface based on a control panel, be scalable, and stay constantly evolving so that its ability to help you maintain your services can go forward and transcend when you need it.

If doubt and anxiety overcome you, do not worry, what you are looking for is not far away. Pandora FMS is capable of monitoring all these IT areas that we talked about and much more, thanks to its more than 16 features and more than 500 Enterprise plugins available. Also, if you are not very knowledgeable in this matter, do not worry, we manage it for you with our MaaS solution.

About PandoraFMS
Pandora FMS is a flexible monitoring system, capable of monitoring devices, infrastructures, applications, services and business processes.
Of course, one of the things that Pandora FMS can control is the hard disks of your computers.