Kathmandu Breach Reinforces Why Cybersecurity is Critical for Retailers

By Ben Verschaeren | 25 Mar 2019

With high-profile Australian businesses such as Big W, Target and most recently Kathmandu, all falling prey to cyber attacks, Ben Verschaeren says retailers need to be more vigilant when it comes to protecting their data and IT assets.

Most cybersecurity advice around retail and online shopping is directed at consumers. Every time a sales event such as Black Friday comes around, Australians are reminded that criminals prey on careless consumers during these events. However, there are two sides to every transaction and the recent Kathmandu breach serves as a timely reminder that retailers must also be vigilant with their cybersecurity practices.

Online shopping in Australia has reached eight per cent of total traditional retail sales, with Australia Post predicting that by 2020, one in 10 items will be bought online. With the growing use of and reliance on online shopping comes an increased risk of cyberattacks, which intensifies the importance for retailers to implement a cybersecurity strategy.

Compared to other businesses, retailers often deal with a much broader pool of consumers who willingly relinquish personally identifiable information (PII) to purchase goods. Understandably, an online purchase requires a lot of PII, including the purchaser’s name, contact details, address and payment information. With every purchase, consumers place a great deal of trust in retailers that they will keep their information secure. But what happens if this information is compromised and ends up in the wrong hands?

In recent times, we’ve seen major retailers such as Target, Big W, Ticketmaster and the latest, Kathmandu, suffer data breaches. While the details of how these breaches occur don’t always become known, there are many types of attacks and techniques that hackers often use that retailers should familiarise themselves with and, more importantly, defend themselves against.

Targeted Attacks

Hackers will send emails that appear credible to individuals or departments within an organisation. This could be an email to the accounts payable team asking that it makes a payment to a specific account.

Retailers should implement effective endpoint, network and email protection that filters out spam, malware, phishing attempts and dangerous file types. But it’s also important not to solely rely on this software. In tandem, retailers should implement a security awareness program that educates and tests staff on how to identify dangerous and suspicious emails or files.

Legitimate-Looking Sites Rigged with Exploit Kits

These sites try to work out in real-time how to “crack” a PC using JavaScript or Flash that tries one known flaw after another.

While IT teams often urge staff to update their computer software on a regular basis, many employees fail to do so. These updates address security vulnerabilities and patch any known risks that hackers will try to exploit. Worryingly for IT departments, most exploit kits succeed due to vulnerabilities in software for which a patch is already available, but has not been updated.

Access all Areas

Once in, hackers will try and move around the network to get as much information as possible. These cybercriminals will try and gain access to confidential information such as a new project and/or campaign a retailer might be working on.

Retailers can make it harder for intruders to move around their systems by segregating networks with next-gen firewalls.

Automated Malware 

Cybercriminals are known to enter a network and leave behind malware that automates their “dirty work” and is programmed to “call home” to fetch further instructions. This enables hackers to continuously get updated information that may be critical to what a retailer is working on and/or is planning.

 Retailers should consider installing web filtering and a next-gen firewall with command-and-control traffic detection. While it won’t block the malware, it will neutralise it and notify the IT department of the issue – a much better result than having confidential files compromised.

Unnecessary Software 

Many people don’t realise that more software means more risk. It presents cybercriminals with an additional opportunity to attempt a break-in using command injections.

By using Application Control, IT teams can keep track of and restrict software that reduces security without providing any benefit to the business.

Cybersecurity incidents in the retail sector commonly result in negative media coverage, which often leads to customer concern. Consumers put their trust in retailers to safeguard their information, but after a data breach, they may not be as willing to do so. Security breaches can destroy customer confidence and ultimately impact sales. Breaches like the Kathmandu incident should serve as a reminder to all retailers that it pays to be protected.

Never miss our best stories. Sign up for Power Retail’s free weekly newsletter and find our daily stories on FacebookTwitter and LinkedIn.

0 Comment

Leave a Reply

Your email address will not be published. Required fields are marked *