77 Percent of Companies Hit by Cyber Attack During the Past Year: Report
77 percent of companies worldwide were hit by some kind of cyber attack during the past year, says Kaspersky Lab’s IT Security Economics Report. The report also says that cyber attacks get more intense during the holiday season, most notably during the Christmas sale season. The inference is that the situation will get worse during the Christmas sales season because of an increase in attacks exploiting DDoS and POS vulnerabilities.
A Kaspersky Lab press release dated 8th December discusses this in detail. The press release says: “According to the Kaspersky Lab IT Security Economics Report, over 77 percent of companies have suffered an attack of some form during the last 12 months. An increase in attacks where DDoS and POS systems were the main vectors is making the situation even worse – especially during the Christmas sale season when there are more shoppers in store than usual, and the boost in sales is making retailer revenues an attractive target for cybercriminals.”
The research findings show that in the past year there has been an explosion of up to 10 percent in attacks exploiting DDoS and POS vulnerabilities. This spike in DDoS and POS attacks indicates that cybercriminals may be planning to execute more attacks exploiting DDoS and POS vulnerabilities, among other attacks, during the Christmas sales season.
The Kaspersky press release also discusses the high-profile security incidents that major brands have suffered in their payment systems this year and the increase in botnet DDoS attacks. The release states: “In particular, 2017 has seen a series of high-profile cybersecurity breaches reported in the payment systems of major brands: from Chipotle to Hyatt Hotels and recently, Forever 21. Kaspersky Lab also registered a considerable increase and geographic spread in botnet DDoS attacks in the third quarter of 2017, with targets in 98 countries (compared to 82 in Q2), according to the latest DDoS Intelligence Report.”
This means that retail businesses and e-commerce organizations need to be careful during the Christmas sales season. As retailers and e-commerce businesses are likely to see increased revenue, criminals could go after them with DDoS attacks, using POS systems as entry points. They would do this for ransom, to steal customers’ personal data or money, or simply as dirty competition.
The release also quotes Alessio Aceti, Head of Enterprise Business Division, Kaspersky Lab, who says: “Given this year’s apparent increase in these types of attacks, we recommend businesses – retailers in particular – to stay alert during the Christmas season, when there are more risks of cybercriminals cashing-out, through the exploitation of payment systems or attacks that use DDoS. These can involve cybercriminals demanding a ransom, or simply preventing an organization from trading, making them lose income and clients as a result. But apart from the obvious risks, this is also a good opportunity for businesses to think about their protection in general, by developing their cybersecurity culture and investing in the right technologies.”
For all potential security issues, there are solutions that can help prevent them or mitigate losses. For the issues that retailers and e-commerce businesses are likely to face during the Christmas sales season, the basic preventive measures include keeping e-commerce platforms up to date, ensuring POS terminals are running the latest software version, using trusted security software to secure POS terminals, practicing good password management, and educating employees and customers about possible cyber threats.
Kevin Jones
Kevin Jones, Ph.D., is a research associate and a cyber security author with experience in penetration testing, vulnerability assessments, monitoring solutions, surveillance, and offensive technologies. Currently, he is a freelance writer covering the latest security news and other happenings. He has authored numerous articles and exploits, which can be found on popular sites like hackercombat.com and others.