November 19, 2018 5:07 pm

A Simple 3-Step Guide for Retailers to Prevent Black Friday And Cyber Monday Malware Attacks


Shivram Nayak

It’s Thanksgiving week and retailers across the country are busy rolling out their best offers for Black Friday and Cyber Monday. The National Retail Federation expects holiday retail sales in November and December to be between $717.45 billion and $720.89 billion.

The holiday season is when consumer spending peaks, allowing retailers to rake in a considerable chunk of their yearly profits. But retailers are not the only ones eyeing the money. Cybercriminals will also be in overdrive trying to get a piece of the pie. The 2018 Trustwave Global Security Report found that the retail sector suffered the most breach incidents (16.7%) in 2017 as attackers became more organized.

What Retailers Can Do to Secure Themselves

Both online and brick-and-mortar retailers are at high risk from Black Friday/Cyber Monday till the end of the year because of the high volume of sales. It is also possible that hackers are already present in your network waiting for the right opportunity to exfiltrate data. Here’s what retailers can do to secure their data and applications.

Step 1: Gain Visibility into All Network Traffic

Traditional security solutions don’t give you visibility into East-West server traffic. This makes it almost impossible to detect the presence of hackers once they’ve gained access to your network. An effective visibility solution will give you granular visibility and control over your network communications, including server traffic.

When you have complete cross-segment traffic visibility, any deviation in behaviour can be detected and flagged by your security team. This information can be used to check and remediate systems or applications that have been attacked.

Another advantage of complete network visibility is that it simplifies PCI compliance. You can audit point-of-sale terminal and cardholder data environment (CDE) traffic to provide continuous validation of your PCI-DSS posture.

Step 2: Isolate Your Critical Segments with Micro-Segmentation

Hackers are increasingly using phishing campaigns to bypass perimeter defence solutions. Your employees might click on a malicious email link thinking it’s from a trusted source. This would give the hacker the opportunity to install malware, spread laterally, and gain access to your servers, databases, and applications.

With software-defined micro-segmentation, retailers can create logical segments coupled with intent-based resource access policies across the hybrid infrastructure without requiring VLAN/ACLs or complex rules and configurations. Security policies can be driven down to application environments, users, and individual workloads ensuring that access to applications is denied unless explicitly allowed (also known as zero trust security).

In the event of an APT (Advanced Persistent Threat) or insider threat attack, retailers can isolate their cardholder data environment (CDE) and critical database servers. The hackers can be blocked and isolated, drastically reducing the attack surface.
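The default-deny policy from Step 2 applied to the East-West flow audit from Step 1, as an added example that is not from the original post or any vendor product. The segment names, CIDR ranges, ports and flow records are constructed assumptions.

```python
import ipaddress

# Constructed segment map (assumption): names and CIDR ranges are illustrative.
SEGMENTS = {
    "pos": ipaddress.ip_network("10.10.0.0/24"),
    "cde": ipaddress.ip_network("10.20.0.0/24"),
    "corp": ipaddress.ip_network("10.30.0.0/16"),
}

# Explicit allow-list of (source segment, destination segment, destination port).
# Any flow not matching an entry is denied: access is refused unless allowed.
ALLOW = {
    ("pos", "cde", 8443),  # POS terminals -> payment service (hypothetical port)
    ("cde", "cde", 5432),  # payment service -> cardholder database
}

def segment_of(ip):
    """Map an IP address to its logical segment, or 'unknown' if unmapped."""
    addr = ipaddress.ip_address(ip)
    for name, net in SEGMENTS.items():
        if addr in net:
            return name
    return "unknown"

def evaluate(flow):
    """Return (verdict, rule) for a (src_ip, dst_ip, dst_port) flow record."""
    src, dst, port = flow
    rule = (segment_of(src), segment_of(dst), port)
    return ("allow" if rule in ALLOW else "deny"), rule

def audit(flows):
    """List denied flows as (flow, rule, touches_cde) for analyst review."""
    findings = []
    for flow in flows:
        verdict, rule = evaluate(flow)
        if verdict == "deny":
            findings.append((flow, rule, "cde" in rule[:2]))
    return findings

# Constructed East-West flow records: (src_ip, dst_ip, dst_port).
SAMPLE_FLOWS = [
    ("10.10.0.15", "10.20.0.5", 8443),   # expected POS -> payment traffic
    ("10.20.0.5", "10.20.0.9", 5432),    # expected app -> database traffic
    ("10.30.4.77", "10.20.0.9", 5432),   # corporate workstation reaching the CDE DB
    ("10.10.0.15", "10.10.0.16", 445),   # POS-to-POS traffic inside one segment
    ("10.20.0.9", "192.0.2.50", 443),    # CDE host talking to an unmapped address
]

if __name__ == "__main__":
    for flow, rule, touches_cde in audit(SAMPLE_FLOWS):
        print("DENY", flow, rule, "CDE" if touches_cde else "")
```

The POS-to-POS record is denied even though both hosts share a subnet, which is the case a VLAN boundary alone would not surface.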

Step 3: Tamper-Proof Your Point of Sale Terminals

For many years, special-purpose systems such as Point of Sale (POS) terminals have been a security vulnerability. Most POS terminals run an unsupported or unpatched OS, which makes them vulnerable to malware attacks. The 2013 POS attack on Target was responsible for the exposure of credit card information of 40 million customers.

Traditional signature-based antivirus used to secure POS terminals is not equipped to defend against zero-day attacks and advanced persistent threats (APT). Instead, retailers need to switch to a robust signature-less approach that works at the kernel level to lock down POS machines, rendering them tamper-resistant. This eliminates the need for expensive and cumbersome OS or application patches while preventing unauthorized processes from running on your endpoints and critical servers. Adding end-to-end encryption of POS terminals provides an additional layer of security by making data communication tamper-proof.

With Black Friday and Cyber Monday just around the corner, retailers need to ensure that their security solutions can defend against increasing malware threats. Adopting a proactive security approach can reduce the attack surface and keep highly damaging data breaches at bay.

Learn how you can secure data centres, applications, and endpoints with ColorTokens Retail Security Solutions.
