New threats require multiple layers of defense

Consumers can expect to receive many more notices – similar to those sent by companies that had used the Epsilon marketing service – in the months ahead from companies informing them that their customer information has been compromised. The Internet has become a primary conduit for cyber attack activities with attackers channeling threats through social-engineering attacks and legitimate websites, placing a higher risk to a larger number of people than in the past. Long before the recent Epsilon security breach, fraud and security analysts observed a disturbing trend of malware attacks targeting e-commerce and financial services companies.

The target for many of these attacks is information about customers, prospects and leads. The criminals will either use the stolen customer data to commit fraud themselves, or sell it on the black market, leaving the heavy lifting for other cyber thieves. Regardless of who uses the stolen data, the damage to a business could potentially be wide and deep.

Monetizing the data from the Epsilon breach
Criminals will use the data to send email to the impacted consumers and these emails are the first step in committing their fraud. There are generally two ways these emails are used. First, the criminal might send the consumer an email that includes a link to website that downloads malware onto the consumer’s computer. This can result in Man in the Middle attacks on e-commerce websites: the consumer signs in and immediately after the successful sign-in, a second IP address from another country signs in and purchases a high value item.

The second way these phishing emails are useful is in stealing passwords. You might wonder – why a phishing attack against a website like TiVo? Keep in mind that consumers often use the same passwords on multiple websites. If a phishing email tricks a consumer into giving away their password to the TiVo website, since TiVo uses an email address as a userID, it is possible that the userID/password combination will work on additional, higher value, sites.

Indirect monetary gains from breaches like Epsilon
In several cases, malware that is downloaded through email sent to a victim accesses a company’s intranet through the computers of that company’s employees. Once the malware is activated it can quickly begin scraping lists of customer data or other valuable information from the company’s website and sending it to the criminals. This used to be called “Data Loss,” and is now called Wikileaks.

Complexities of new threats
What is interesting about perpetrators similar to those associated with the Epsilon breach is that most of them derive value through website functions (to steal goods or money) or data available through web browsers. Because of this, it is critical for companies to monitor both their public-facing and internal websites to detect this type of suspicious behavior immediately.

Multi-layered web security
While authentication technologies can help address some of these threats, with the assumption that the majority of personal computers are comprised, it is critical to implement a new layer of defense.

Monitoring what is going in to and out of the Web browser is just as important as network security and organizations must diligently monitor the integrity of their systems and applications to make sure criminals aren’t exploiting any weaknesses. The best precaution organizations can take is implementing a multi-layered Web security program. A solid system consists of monitoring authentication, behavior analytics, encryption, anti-virus, white listing and more.

With more than one security layer in place, organizations have a higher likelihood of protecting their information in the event that the first line of defense fails. By approaching your cyber security program with a long-term vision, you can begin to see that addressing new threats now will reduce risk in the future and prevent you from dealing with potential attacks over time. This not only improves the efficiency of your resources, but is also essential to protecting your business and its continued growth and success.




Share this