Practicing retail therapy is a common way to escape the blues. With e-commerce sites, shopping is even more convenient and the number of online shoppers has steadily been increasing. Cybercriminals have also noted the uptick in online shopping and are targeting online retailers and online shopping sites. According to the 2020 Trustwave Global Security Report, the retail industry was the most-targeted sector for cyberattacks for the third year in a row, with nearly one-quarter of all attacks in retail.1
- Why Cyber Attackers Target E-Commerce Sites
- 3 Steps Online Retailers Should Take to Prevent Breaches
- Zero Trust Security for E-Commerce Businesses
Why Cyber Attackers Target E-Commerce Sites
Apart from the vast jackpot of money generated within the online retail space, the sensitive personally identifying information (PII) required for most transactions is also attractive to cyber attackers. Names, addresses, birthdates, and credit card numbers can fetch high prices on the Dark Web or — even better for ransomware groups — might result in desperate retailers paying huge ransoms to mitigate data breaches.
In October, bookseller Barnes & Noble reported that it had been the victim of “unauthorized and unlawful access to certain Barnes & Noble corporate systems.” Later details revealed that customer PII — such as emails, phone numbers, and billing and shipping addresses — may have been exposed during the breach. The attack interrupted Nook-specific online functions as well as brick-and-mortar store transactions, when some point-of-sale (POS) cash registers were temporarily not functioning.2
3 Steps Online Retailers Should Take to Prevent Breaches
Online shoppers store a lot of sensitive personal information on their favorite retail sites, so it’s important for online retailers to protect their customers’ private data and other PII. Here’s what online retailers can do to secure critical assets and become cyber resilient all year-round.
1. Gain Visibility into All Network Traffic
Traditional security solutions don’t provide visibility into East-West server traffic. This makes it almost impossible to detect the presence of hackers once they’ve gained access to your network. An effective visibility solution will give you granular visibility and control over your network communications, including server traffic.
When you have complete cross-segment traffic visibility, any deviation in behavior can be detected and flagged by your security team. This information can be used to check and remediate systems or applications that have been attacked.
Another advantage of complete network visibility is that it simplifies PCI compliance. You can audit card-holder data environment (CDE) traffic to provide continuous validation of your PCI-DSS posture.
2. Isolate Your Critical Segments with Micro-Segmentation
Cybercriminals are increasingly using phishing campaigns to bypass perimeter defense solutions. Your employees might click on a malicious email link thinking it’s from a trusted source. This would give the hacker the opportunity to install malware, spread laterally, and gain access to your servers, databases, and applications.
With software-defined micro-segmentation, you can create logical segments coupled with intent-based resource access policies. These can span the hybrid infrastructure without requiring VLAN/ACLs or complex rules and configurations. Security policies can be driven down to application environments, users, and individual workloads, ensuring that access to applications is denied, unless explicitly allowed (in other words, zero trust).
In the event of an APT (Advanced Persistent Threat) or insider threat attack, you can isolate your CDE and critical database servers. The hackers can be blocked and isolated, drastically reducing the attack surface.
3. Educate (and Vet) Your Employees
A company’s cybersecurity posture is only as strong as its weakest link, which is often an employee who hasn’t been educated on cyber hygiene best practices. You should train employees, vendors, and affiliates about security best practices. An informed workforce will be on its guard against phishing attacks and similar social engineering tactics used by hackers to exploit human psychology.
More rare — but not unheard of — are inside attackers. In September, e-commerce company Shopify reported that two rogue employees planned an inside job to steal transactional data.3 Tesla, the largest seller of electric vehicles (EVs) worldwide, avoided an inside threat this summer when an employee was offered $500,000 to deploy malware on the Tesla network that would allow a cybercriminal group to demand ransom. Fortunately, the worker reported the bribe to Tesla.4
Zero Trust Security for E-Commerce Businesses
Online retailers need to ensure that their security solutions can defend their business against increasing malware threats and other cyberattacks. Adopting a proactive approach can reduce the attack surface and keep highly damaging data breaches at bay. Zero Trust Security can help you implement policies to ensure that access to data, applications, and workloads is limited to authorized users.
To find out more about how your online retail business can secure its data centers, applications, and endpoints, read ColorTokens’ Retail Security Solutions.