Sensitive Data Exposure – What Does It Mean For Your Business And How To Avoid It

May 19th, 2023 Ben Herzberg Leave a comment

In the modern global data ecosystem, businesses collect and hold a lot of sensitive consumer data. Company databases store sensitive information such as credit card numbers, passwords, house addresses, phone numbers, social security numbers, and email addresses. Although this data is an asset for most companies, it becomes a risk in case of a data breach.

Sensitive data needs to be protected against all unauthorized access to prevent exposure to potential hackers and fraudulent activities. When unauthorized individuals access consumer data, it can be quite costly. Statistics show that the cost of a data breach in 2022 stood at $4.24 million per breach. It also compromises privacy and can lead to stolen identities and fraud. Therefore, if this happens to your business, the consequences could be severe enough to affect your operations.

In this article we’ll explain how does sensitive data exposure happen and how to avoid it?

What is sensitive data exposure?

Sensitive data exposure occurs when unauthorized people access personal information or company data. It usually happens when a company accidentally exposes sensitive information due to inefficient security measures, poor encryption, misconfigurations, and inappropriate data systems.

Data exposure leads to unlawful destruction, alteration, and loss of sensitive data. Here are some of the attacks that expose sensitive data.

SQL injection attacks — they occur when an attacker introduces malicious queries into your system to extract sensitive user information with a simple command.
Insider attacks — they happen when a current or former employee with authorized access breaks into your system to steal data.
Phishing — designed to mislead users to get them to offer sensitive information via text messages or emails.

How does data exposure happen?

Most organizations have invested heavily in complex IT systems to boost their data security. Despite that, sensitive data is still vulnerable to exposure either through employee errors or poor data control systems. To effectively protect your data, you need to know the different methods of data exposure.

Data in transit

Data is always traversing through networks, servers, or people. For instance, when you send an email, the information moves from on-premise to the cloud. As data is being exchanged between application programming interfaces (APIs) and servers, it’s at risk of interception.

Cybercriminals exploit any security flaws between two applications or servers to get the data. Sensitive data is exposed during transit due to a lack of encryption, poor data control policies, or when employees use insecure connections.

Data at rest

As of 2022, 60% of all corporate data was stored in the cloud. While this helps companies with data management, they face dangerous cloud data risks. In an average company, 157,000 sensitive records are at risk of being exposed through various channels, representing $28 million in data-breach risk.

The security of stored data depends on the protocols in place to protect it. The information is prone to SQL injections and other attacks when there’s no proper encryption on company files and databases. Additionally, sensitive data at rest can be exposed if there are misconfiguration errors, such as having private information available on the internet for anyone to access.

How to avoid sensitive data exposure

Exposure of sensitive data can be prevented by taking the right steps to mitigate the risk and quickly detect potential breaches. Here are some of the steps you should take.

Classify your data

To avoid sensitive data exposure in your business, you first need to know where all your sensitive data is. For instance, you should know which files and databases contain customer information and which ones hold important passwords. This way, you can devise better ways to secure the data.

In order to avoid sensitive data exposure, create an automated classification system that gives a clear picture of the location, owners, type of security, and governance measures your business has.

Improve your access control

Some data attacks happen due to poor sensitive data visibility. For example, you’ll find that some businesses don’t know which files or databases contain sensitive information, and where the data — like passwords, and customer information like Social Security numbers — is stored. When your business has poor visibility and classification, you can’t track and secure all the data.

One of the ways to boost your data security is by improving and automating your data access service. This determines who can access files and the networks in your business and for how long. Develop an automated access management policy that determines the privilege of every user that does not rely on manual granting and accessing of sensitive data. With proper access controls, only the intended individuals can view and alter sensitive data.

Regular testing

Attackers use different vulnerabilities to gain access to sensitive data. For instance, if your system is not properly encrypted, it becomes easier to penetrate and get this information. However, with regular penetration testing, you can detect weaknesses and strengthen security measures.

Penetration testing simulates how real-world attackers use your vulnerabilities to gain access to your data. Conducting these tests regularly provides insights into your defenses. You can hire a data expert to launch these penetration tests if you process sensitive information on a larger scale. Once you have the results, you can add extra layers of security to protect your business from potential data breaches.

Summary

Businesses must keep sensitive data unexposed. While sensitive data is at risk when in transit or at rest, you can protect your business by ensuring that you conduct regular testing, classify the data, and improve your access control measures. Additionally, you can safeguard data by using tokenization which protects social security numbers, credit cards and other well-defined databases.

It’s important to pay attention to your data, especially due to the emergence of for-profit attackers who are looking to re-sell sensitive information or hold businesses for ransom.

Author’s bio

Ben is an experienced tech leader and book author with a background in endpoint security, analytics, and application & data security. Ben filled roles such as the CTO of Cynet, and Director of Threat Research at Imperva. Ben is the Chief Scientist for Satori, the DataSecOps platform, as well as VP of Marketing.

Global Trade Daily, Technology

First-Generation American Finds His Niche In Cybersecurity

May 10th, 2023 Duggan Flanakin Leave a comment

Three years ago Cybercrime Magazine reported that Cybersecurity Ventures expected cybercrime costs to grow by 15 percent annually, reaching US$10.5 trillion globally by 2025.Already, the cost of cybercrime had risen from $3 trillion in 2015 to a projected $6 trillion in 2021.

If measured as a country, cybercrime would be the world’s third largest economy after the U.S. and China.

Theft from cybercrime represents the greatest transfer of economic wealth in world history. Profits from cybercrime are greater than the global trade of all major illegal drugs combined.

Data breaches, often connected to cybercrime but sometimes just the result of incompetence or hacker curiosity, have become everyday events in the cyber century. In just the first three months of 2023, major data breaches were reported by Yum Brands (KFC, Taco Bell, Pizza Hut), Chick Fil-A, Activision, Google Fi, T-Mobile, Mail Chimp, Norton LifeLock, and even ChatGPT.

One of the largest data breaches occurred in 2018, affecting 2 billion Facebook (now Meta) users; the company was also breached in 2021, affecting “only” half a billion users.

Yahoo, Amazon, Twitter, Microsoft, Uber, AOL, Dropbox, eBay, and many other 21st Century giants have also suffered the indignities caused by hackers.

There are three leading reasons why company data can get hacked – One is old vulnerabilities – hackers who breach once leave a secret window to enable repeat attacks; human error by employees ranging from weak passwords to clicking on malicious links and visiting phishing sites; and the third is malicious software used by hackers – viruses, ransomware, Trojans, spyware, adware, and other traps that enable would-be criminals to steal confidential information.

Cybersecurity expert Melvin Ejiogu says he founded VeeMost Technologies in 2002 after realizing that most of the key players in the industry at that time focused more on billing their customers and responding to current attacks than on building and managing a secure cyber environment to protect those customers over the long term.

Ejiogu said he was motivated – despite a lack of capital at the time – to provide a variety of services to ensure the security of customer data rather than rely on gimmicks. His focus was on long-term maintenance protection rather than quick fixes over and over again. But, he admits, though he was a technology expert and had the financial background, he did not understand how to grow what is today a great company.

To learn those ingredients, Ejiogu, whose college days were at the University of Akron in Ohio, first partnered with companies in Cleveland Ohio to provide networking and security services for state and local government accounts and private enterprise accounts.

But Ejiogu wanted more than just a successful small company, so he relocated to New Jersey to begin a 10-year partnership with AT&T Labs.

There, he designed, implemented, and secured network infrastructures and solutions for much larger government entities and enterprise customers. His experience, along with his teammates, was critical to landing and executing a multibillion-dollar contract with the Department of Defense.

And then, Melvin muses, he began to learn “…how the big boys do business.”

The “big boys” were not afraid to invest in people, processes, and tools – the keys to growing a business that already provides high-quality services. Ejiogu decided to leave AT&T and take VeeMost “off autopilot.”

To do that, Ejiogu opted to go public. “Free advertising,” Ejiogu says. “Shareholders become your first-line customers and your first sales force.”

VeeMost, which has specialized in architecting, deploying, and managing secure digital solutions and platforms to accelerate and enhance business efficiencies for increased profitability, also expanded into India and West Africa, looking to gain some market share there as well.

It launched its own cloud services and solutions and today provides full life-cycle management for companies’ digital transformation journey to the cloud – from initial consultation and assessment to full migration and cloud management. They launched a tool called VeeShield Cloud Security, which is a suite of cloud-delivered products to protect customers from malicious content, malware, and other attacks.

At about the same time, VeeMost launched an innovation Hub Center that focuses on researching and developing new solutions to enhance its partner companies’ products and services. Those partnerships are strategic alliances with Palo Alto Networks, Cisco Systems, Splunk, and most of the other industry-leading security vendors.

While VeeMost has recently become an attractive target for acquisition, Ejiogu remains far more interested in increasing value for his shareholders through business expansion and multiple acquisitions.

Maybe it’s the thought that others might not operate the businesses he has grown according to the same moral code – or maybe it’s just because he’s not done growing.

Archives, Global Trade Daily, Technology

Cybersecurity Becomes Job One: Preventing Ransomware Attacks on The Supply Chain

November 15th, 2022 Ryan Ayers Leave a comment

In 2021, ransomware attacks on supply chains became a front-burner issue for businesses, cybersecurity experts and even international governments. During this year, instances of ransomware attacks more than doubled from the previous year, with some 623 million ransomware attacks being recorded worldwide.

In addition to an increase in frequency, ransom attacks began to take on a more nefarious flavor, attempting to cripple food networks, water supplies, fuel distribution networks, and even hospitals and city governments. What this indicates is that the focus of ransomware attacks has largely shifted away from large financial firms and toward manufacturers. Evidence supports this sentiment with records showing that 23% of cyberattacks in 2021 targeted manufacturers.

This significant uptick in supply chain ransomware attacks has made many organizations, including some government agencies, begin to prioritize fighting against this form of cybercrime. Many of these organizations are beginning to collaborate in this fight to make their efforts more effective.

WHAT IS A SUPPLY CHAIN ATTACK?

A supply chain attack is a form of a cyber attack in which a cybercriminal targets vulnerable aspects of a supply chain’s computer systems. The chief aim of these attacks is to gain access to the networks of the victim’s supply chain suppliers and partners. What makes these attacks particularly dangerous is the fact that cybercriminals gain access to the networks of multiple organizations because of a ransomware attack rather than just the victim’s network.

Those particularly vulnerable to these types of attacks include smaller organizations without the resources to implement necessary cybersecurity safety measures. In addition, the COVID-19 pandemic exposed many weak points for hackers to exploit because of the shift to remote work.

TECHNIQUES USED BY CYBERCRIMINALS TO ATTACK THE SUPPLY CHAIN

Some common techniques used by cybercriminals to attack supply chains have become more apparent. Techniques used by cybercriminals to be aware of include:

Phishing: Also known as social engineering, phishing is when a victim is tricked into downloading and opening an infected file. Cybercriminals typically pose as a boss or coworker to convince their victim into doing this.

Malvertising: This form of cyberattack finds the attacker crafting fake online advertisements that victims may click on unsuspectingly. This results in malicious software being run on the victim’s device.

Leveraging vulnerabilities in software code: When there are weak spots in a victim’s software code, cybercriminals can exploit this many ways, such as encrypting information and demanding a ransom to decrypt it.

SUPPLY CHAIN SECURITY’S WEAK LINK: MANAGED SERVICE PROVIDERS

Managed service providers and managed security service providers have been the sources of many breaches of supply chain security. That’s because many organizations place a large amount of trust in these providers and are less likely to be critical about downloading updates from them.

The danger of blindly trusting one’s managed service provider was showcased in the SolarWinds ransomware attack. A management system under the umbrella of SolarWinds called Orion, used by many large organizations, was hacked. Many organizations then unknowingly downloaded a malicious update, giving hackers unprecedented access to the private networks of many large organizations.

WHAT IS BEHIND THE RECENT SURGE IN RANSOMWARE SUPPLY CHAIN ATTACKS?

As a result of the steep rise in ransomware attacks in recent years, many have begun to seek the answer to that question. According to AT&T, these are the five main reasons for the increase in ransomware attacks against supply chains:

Victims are more willing to pay ransoms
Rising international tensions
Expanding networks create more vulnerable points to be exploited
Cryptocurrency has made anonymous payment easier for cybercriminals
Cybercriminals offer ransomware as a service to other criminals without ransomware experience

SUPPLY CHAIN ATTACK PREVENTION FOR ORGANIZATIONS

Although ransomware attacks on supply chain organizations have become more prevalent in recent years, there are ways organizations can safeguard themselves. One of the most effective ways to do this is by utilizing the five-step approach that revolves around the idea that software developers need to ensure their code has as few vulnerabilities as possible. Here are the five steps:

Keep developers updated on cyberattack risks
Make sure open-source development tools are visible and secure
Adopt zero trust security that treats all code as unsafe
Build encryption into all apps
Work with vendors and partners to plug third-party risks

To stop supply chain attacks, software needs to be shipped with little to no weaknesses or vulnerabilities for cybercriminals to exploit. Both vendors and customers of supply chain software can benefit from taking advantage of effective safeguarding techniques. Some of the best and most effective techniques for preventing supply chain cyberattacks include:

Identify and plug third-party leaks
Lock down internal systems and vendor networks by patching all known vulnerabilities
Evaluate partners’ security measures and vendors’ security ratings

While one may be aware that these are goals to work toward, it’s not always obvious how to achieve them. Tools and approaches that can be used to achieve these include:

“Honeytokens” or fake data resources planted on a company’s network to attract attackers and alert the company about suspicious activity. In addition to providing advanced notice of an attack, honeytokens indicate the methods the attackers will use and can sometimes identify the criminal parties.
Privileged access accounts must be managed carefully by implementing a platform that disrupts the path from initial network access to the exfiltration of sensitive data.
Cybercrime awareness training instructs staff on how to detect a phishing attempt, how to protect their login credentials, and how to identify and report breach attempts.
Third-party data leak detection tools prevent ransomware attacks that originate on vendor and partner networks, even when the third party is unaware of the breach.
Encryption of all internal data is one of the simplest ways to discourage cybercriminals, who often prefer to attack systems that are easily breached. Encryption should meet the Advanced Encryption Standard.
Zero trust architecture is a security approach that assumes all activity on the company’s network is malicious by default, so access to sensitive information requires that each connection request meet a stringent set of security policies.
Multiple layers of defense integrate antivirus, multifactor authentication, and attack surface monitoring, among other data security measures. Multilayer security creates operational layers, each of which has unique capabilities and functions targeted at preventing a specific type of threat.

THE WORLDWIDE BATTLE AGAINST CYBERCRIMINALS

Though ransomware attacks have increased on supply chains, it’s estimated that these crimes will increase even more in the coming years. That’s why private organizations and government agencies are prioritizing the fight against ransomware and are helping mitigate the threat of cyberattacks.

In addition, cybersecurity professionals familiar with the latest tools and specialized knowledge in the field are helping supply chains become more resilient against cybercriminals with stronger cybersecurity practices. The strengthening of supply chains benefits not only manufacturers but also consumers and the economies of the entire world.

Author’s Bio

Ryan Ayers has consulted several Fortune 500 companies within multiple industries including information technology, cybersecurity, and big data. After earning his MBA in 2010, Ayers began working with start-up companies and aspiring entrepreneurs, with a keen focus on data collection and analysis.

Archives, Global Trade Daily, Technology, Trucking

Why Do Truckers Need to Care About Cybersecurity?

October 10th, 2022 Emily Newton Leave a comment

Cybersecurity is a rising threat across all industries. Trucking may not seem like the most technologically advanced sector, so many truckers may feel like cybercrime isn’t a relevant risk for them. Despite these preconceptions, all trucking sector workers should take cybersecurity seriously.

Truck fleets today are becoming increasingly reliant on digital technologies. As this trend increases, cybersecurity will only become more important for the industry. Here’s why.

Cyberattacks Can Cause Major Damage

One of the biggest reasons to care about cybersecurity is because of how damaging cyberattacks can be. Small and medium-sized businesses pay $38,000 on average to recover from an attack and enterprises pay $551,000. That’s just the direct costs, too. Indirect losses and expenses total $8,000 for SMBs and $69,000 for enterprises.

As fleets become more reliant on digital technologies, data will be worth more, causing these costs to rise. That trend is already well underway, so truckers must take these risks seriously now.

Monetary losses aren’t the only way that breaches can cause damage in the trucking industry, either. The nation’s supply chains rely on trucking, so any disruption to fleet operations could cause widespread delays and complications. As connected vehicles appear in fleets, cybercriminals could even endanger people’s lives by hacking into internet-connected trucks.

Attacks in the Trucking Industry Are Rising

In addition to being destructive, cybersecurity incidents are also becoming more common. Cybercrime has steadily risen over the past few years and the transportation and logistics sector is becoming an increasingly popular target.

Shipping companies like FedEx and Maersk have lost millions to cybersecurity breaches. Cybercriminals know these businesses perform critical services and face high standards, so they can potentially profit more from a successful attack. Because most cybercrime is financially motivated, this chance at a bigger payday attracts more cybercriminals.

Hackers also like to target the trucking industry because it’s largely vulnerable. Fleets are rapidly digitizing but aren’t accustomed to protecting this kind of technology. As a result, cybercriminals have a higher chance of success, encouraging them to target more of these businesses.

Most Breaches Come From Employee Error

Truckers should also care about cybersecurity because they’re often responsible for successful attacks, not their technological defenses. This issue is the same across industries. Users are always a digital environment’s weakest link because, no matter how advanced technical protections are, someone with inside access can get past them.

While “insider threats” sound insidious, most of these incidents are just a matter of well-meaning employees making mistakes. Workers may use a weak password, making it easy to hack into sensitive information. Alternatively, they could fall for phishing, giving away important data or access to someone pretending to be a trustworthy source.

Technical safeguards are important, but they’re insufficient by themselves. When 95% of cybersecurity incidents involve human error, awareness and careful action from employees are just as, if not more, crucial.

How to Improve Trucker Cybersecurity

These trends make it clear: Truckers need to take cybersecurity seriously. Fleets that recognize this and want to improve their security posture can follow these steps.

Train All Employees Regularly

Given how much human error plays into breaches, employee training is one of the most important steps in trucker cybersecurity. All truckers and other workers in the organization should receive regular training going over the best security practices and threats to watch out for.

Emails are one of the most prevalent methods for online scams in this industry, so email security deserves special attention. Managers or IT staff should go over how to spot phishing emails and similar scams, as well as the consequences of falling for these schemes. Holding regular refresher courses and testing workers’ knowledge will help cement these ideas and good habits.

Limit Access Privileges

Even with regular cybersecurity training, good employees can still make mistakes. Consequently, trucking companies should limit their users’ access privileges as much as possible. If no one person can access everything, one breached account will have less impact.

Each user, device, and application should only be able to access what they need for their job. This concept, called the principle of least privilege, will minimize the damage if the business suffers a successful attack. Considering how common cybercrime is becoming, that’s an essential measure.

Practice Strong Password Management

Limiting access privileges is just half of a two-part process. If users aren’t who they say they are, restricting access to different accounts won’t do much. Consequently, truckers must also practice strong password management to prevent criminals from breaking into their accounts.

Truckers should use long, unique passwords with multiple character types to make them stronger against brute-force attacks. It’s also important to change passwords regularly, just in case one leaks in a data breach. Truckers should also turn on multi-factor authentication (MFA) wherever available, as it stops 99.9% of attacks, according to some experts.

Keep Everything Up-to-Date

Another important security step for truckers is to update all devices regularly. Devices like telematics systems and internet of things (IoT) trackers are becoming increasingly popular, but these can quickly give hackers a way in if fleets aren’t careful.

Cybercrime is always evolving, so software developers need to create new defenses and fix vulnerabilities continually to stay safe. Keeping everything updated ensures devices have the latest of these security protections. Truck fleets should also install anti-malware software and keep it up-to-date.

Have a Recovery Plan

Finally, it’s important to realize that no cybersecurity system is 100% effective. These attacks are too common and too potentially damaging for truckers to assume they’ll never suffer a successful attack. Companies need a formal recovery plan in case something goes wrong.

This recovery plan should include creating backups of crucial data and systems and a communication game plan. Truckers should also rehearse this plan regularly so everyone knows what to do in the event of a breach.

Cybersecurity Is Crucial for Trucking Companies Today

Cybercrime can affect anyone in any kind of company. While it may not seem like it at first, cybersecurity is crucial for truckers and the businesses they work for. Learning why to take security seriously is the first step toward better protection. If more truckers can realize these threats, the industry can become a safer place.

Emily Newton is an industrial journalist. As Editor-in-Chief of Revolutionized, she regularly covers how technology is changing the industry.

Archives, Education, Global Trade Daily

How to Win at Cybersecurity: Become a “Sneaker” CISO

August 10th, 2022 Tony Carothers Leave a comment

To protect against cybercrime, every organization needs to build a culture of information security. To do that, infosec leaders need to become “sneaker CISOs.” There are three elements to security: Technology, people and processes. Sneaker CISOs are more
focused on people and process than on technology.

Too many security professionals today are so deep into the technology that they don’t pay enough attention to the people and processes. I used to be one of them. But technology can’t secure technology. That’s a lesson I learned the hard way when I
started working with public utilities.

Prior to that, I’d been working for government agencies where all we had to focus on was operations. The utility industry was for profit, and so it also had a business side, where systems were being digitized. At the time I started, the operational side was all
analog.

When the operational side started to be digitized, they committed the cardinal sin of connecting their operational technology to their business networks to make their regulatory reporting more efficient. Someone was able to make their way into the operational technology, which is typically not very sophisticated, and began to encrypt the systems that were running it and shut down a gas pipeline. It was quite terrifying.

If they had consulted a security engineer like me, we would have put some safeguards in place before connecting the systems. There’s little technological difference between the Windows 10 used in enterprise and the Windows 10 that the U.S. Air Force uses.

The only difference is people and process. That’s when I realized that in the digital world, everybody in the organization has a role in security.

As a security leader, you need to partner with the people closest to the box, educate them, and empower them to protect the box. That is why the first step in building a culture of information security is always to put your sneakers on, walk around, and get to know the people. Here’s who to meet, what to talk about, and how to build those partnerships:

● Build relationships with the technology owners. Understand their roles and processes, and how they’re using the technology to support them. Respect their specialized expertise, and they will come to respect yours.

● Find people that will champion the cause. When you see things that are being done in a safe and secure manner, find out who’s behind those things. Get to know their mindset and approach and start working closely with them.

● Find your naysayers. In most organizations, there are people who have had bad experiences with information security professionals acting as the “no police” Understand their position, and what kind of conversations you need to have to be able to work together.

● Meet everybody who comes into the organization. Hold regular group and individual security training as part of the onboarding process. This allows you to get an understanding of people’s exposure to security and compliance. For example, somebody who’s been exposed to HIPAA probably has the right mindset, even if they’re joining a new industry.

● Get to know your infosec team members. Explain your position, your approach, and your successes. Often, they’ve come from an embattled culture of infosec vs. everybody else. If you can’t even fathom what a collaborative infosec culture looks like, it’s hard to help create one.

● Become a consultant. Like me, many infosec professionals come out of government, where if people don’t follow policy, there are penalties. In the enterprise, you can no longer rely on that authoritarian stance toward policy. You have to call out the vulnerability, explain the risk, and offer potential solutions.
Then you say, “What are your thoughts?”

● Stay in your swim lane. Many security professionals see a vulnerability and they say, “you’ve got to fix iT” If it doesn’t get fixed, they can’t let it go. They don’t realize they don’t get to make those decisions. There are always business risks outside of information systems that have to be weighed and balanced when deciding how to allocate budget and resources. Our job is to educate, inform and
remediate, if the organization wants us to. Stay in your lane and you’ll stay sane.

As a security professional, it’s very rewarding to fix a vulnerability or thwart an attack. It’s a big part of why we get into the profession in the first place. But we have to realize that we can’t secure anything within the organization on our own.

Real security comes through a groundswell of collaborative effort. It’s more rewarding when the lights come on and people start to understand that they have an active role in the security effort. Attending the annual security training, updating your passwords and
not clicking on suspicious emails is just the beginning.

Those are broad-based technical vulnerabilities. But everybody has a role that’s dependent on their role within the company. If you’re in AP, for example, you need to be up on the latest business email compromise scams, and have processes in place to spot and defeat them. If you’re working with external vendors, you need to be aware of your organization’s requirements for how they handle your information.

Our job is to break down the us/them barrier, and build those partnerships, because security is a “we” thing. Early in my career, I unwittingly created resistance to security by focusing on rules and technology. Once I changed my approach, most of the barriers
I had been encountering disappeared.

Bugs and vulnerabilities can be fixed, but information security never ends. People, processes, and technology are always changing. We get updates to technology on a monthly basis. Processes are always being evaluated for efficiency and maturity. If you educate and empower the people, the processes can change. The technology can
change, but the mindset stays. And that’s how you build a culture of cybersecurity.

About the Author

Tony Carothers is the Security Systems Engineer at Corpay, a FLEETCOR company. He has over thirty years of experience in information security, working in both the public and private sectors.

Archives, Uncategorized

Cybersecurity Can no Longer be Pushed to Next Year

June 23rd, 2022 Peter Frerichs Leave a comment

Cyberattacks are on the rise. It’s a natural extension of our collective technological advances. We are as interconnected as ever, which naturally results in immeasurable benefits. But it also exposes us to bad actors who will try and benefit from vulnerable systems. The shipping giant Maersk can attest to the latter.

In 2017 the Russian military launched a disk-wiping cyber weapon, NotPetya, with the intent of targeting businesses in Ukraine. Yet, the malware quickly got out of hand and Maersk was one of the companies caught in the crossfire. The firm was rendered defenseless and ended up having to reinstall 4,000 servers, 45,000 PCs, and 2,500 applications over an improbable 10-day period. To put this in perspective, installing something of this magnitude in normal times would take roughly 6 months.

Maersk suffered $300 million in losses and the incident was a real wakeup call for the industry. The concern for shipping is not only individual business operations, but also the residual effects – namely, ports being closed and the subsequent supply chain severely hampered. Organizations worldwide have been conducting internal audits to see just how exposed they are. The measures are considerable, but the exercise starts with five actionable steps.

First is conducting a disaster-recovery planning scenario that spans both physical and digital systems. A good disaster plan accounts for the “craziest” of scenarios and then action steps to mitigate the impact. For shipping, this training should incorporate onshore and at-sea elements to prepare for every potential scenario.

The second is a controversial step – zero-trust. Digitization expansion has rendered the security perimeter obsolete. Personal computing and small-scale businesses rely on firewalls. Large-scale organizations in 2022 require authenticated access at every level. This is challenging for organizations working remotely or in a hybrid environment Yet, if implemented with a clear, shared security-first goal for the entire organization, zero-trust turns into a transparent policy that ends up fostering trust in the system.

Third, and closely aligned with zero-trust, is security is now everybody’s problem. The National Institute of Standards and Technology (NIST) provides a host of resources on how to enhance cyber-security in organizations of all sizes. Much of their literature is free and also readable – something key if you’re seeking security buy-in from everyone at the firm.

The Colonial Pipeline attack took down the largest US fuel pipeline in May 2021. After negotiation, the company paid a hacker group roughly $4.4 million in Bitcoin. It was a stunning turn of events, and believe it or not, an ineffective password policy is what let the hackers in. Simple steps such as mandating a multi-factor authentication process and regular compromised credentials screening could have stopped the hackers in their tracks. These are simple (and cheap) measures coupled with software updates and security patches.

Lastly, training, training, training. All of the above will not work unless employees receive regular training. The arsenal of attacks is ever-changing and the cost-benefit analysis of failing to train can rear its ugly head at any time. These are critical first steps that large firms have the funds for and smaller firms need to budget for. Cybersecurity can no longer be something for future generations to address.

Archives, Commentary, Global Trade Daily, Software

Cyber-Security Takes Its Rightful Place At The Forefront of Multinational Corporation (MNC) Growth Strategies

March 11th, 2022 Sam Amsterdam Leave a comment

Over the last few years, cyber-attacks have become more and more prevalent across the United States and no doubt in the global news cycle. ‘Ransomware’ has become a household name and in short, found its potential to hold America and its businesses hostage.

From the attack on the JBS meat plants to the Colonial Pipeline, the correlative effects are clear and present to both small enterprises and multinationals.

The potential for digital warfare to spill beyond Russian and Ukrainian IP addresses should serve as additional notice that companies need to be thinking pragmatically and be on high alert.

Atlantic Data Security is a Cybersecurity solutions provider that manages, consults, and offers wholescale security protection solutions. Named the “Most Promising Cyber Security Solution Provider by CIOReview,” Atlantic Data Security can analyze all types of system configurations, then recommend, deploy and manage all critical security components of a company’s network.

Scott Kasper serves as the company’s CEO, herein addressing the challenges and opportunities inherent to the industry of cyber and to cyber stakeholders.

Please provide our readership with background on the steer and scale of Atlantic Data Security?SK: Atlantic Data Security has over 30 years of experience in the cyber security industry providing high-level cyber consulting and professional services to some of the world’s top corporations. We also provide end-to-end value from architecture to professional services, managed services, post-deployment support, and consulting.

We have physical offices up and down the East Coast. We partner with the leading suppliers of cyber technology to meet the ever-evolving needs of our clients.

The notion of quasi-‘State Capture’ through ransom-ware has captivated the media cycle as of late. Where are the pain points in an organization assessing their weaknesses against ‘phishing’-oriented and cyber-security threats?

SK: Phishing attacks are considered among the most challenging cyber-security threats faced by all organizations. Regardless of how much you train your employees, or how cautious they are online, there remains a high probability that your company or agency will still be attacked.

Phishers keep developing their techniques over time and as long as there is electronic media, they will find vulnerabilities to exploit. Ransom-ware attacks are becoming daily headlines precisely because they are so prevalent. 360-degree knowledge about your environment is the first step of being prepared for an attack. Here’s our approach:

First, we conduct a Readiness Assessment.

A Readiness Assessment will improve your organization’s ability to respond to a ransom-ware attack quickly and effectively. Our firm is made up of experts who have extensive experience in cyber-security and incident response (IR) plans. We will review your IR plan, capabilities, and technologies. If you don’t have such a plan, we’ll help you craft one. Our consultants will highlight gaps and identify areas for improvement to bolster your readiness and strengthen your overall cyber defense capabilities.

Here’s what we’ll do as part of our typical Assessment:

1. Analyze relevant firewall and network device configurations for security weaknesses;

2. Review user activity logging and audit configurations to prepare for a potentially broader investigative efforts;

3. Review network and endpoint security monitoring solutions and processes;

4. Evaluate email and web filtering options and configurations to prevent phishing attacks and malicious payload delivery;

5. Review access and privileged access controls and processes; and

6. Evaluate overall vulnerability and patch management controls and processes

Next, we’ll teach you to run a Ransom-ware Tabletop Exercise.

Performing the Ransom-ware Tabletop Exercise will improve your organization’s ability to quickly and effectively respond to a ransom-ware attack. At Atlantic Data Security, we will design and facilitate a ransom-ware attack tabletop IR exercise. We base the exercise on the many investigations our IR team will have performed to test your readiness by means of a simulated attack.

We also educate and train your teams to practice IR processes and workflows. It is important to keep up-to-date on modern day attack techniques to evaluate effectiveness in, and be ready for, real-world scenarios.

Where are the opportunities for industry growth in the arena of cyber security?

SK: At Atlantic Data Security, the opportunities for growth are nearly infinite. We are building a generation of expertise in an area where real world experience is frighteningly rare in the existing talent pool. While it is said there is a zero percent unemployment rate in cyber, that fact does not take into account the dearth of practically tested experts. We provide that real world experience because we’ve been there since the beginning.

Today there is an even greater need for top-level, defensive talent. With increased use of the cloud and the accelerating rate of people working remotely, the market needs professionals trained and experienced in keeping organizations safe.

Where does Atlantic Data Security seek to expand within the course of five years’ time?

SK: Atlantic Data Security is poised for vibrant growth over the next five years. Towards the end of 2020, I was tasked with engineering our business practice to take fuller advantage of our primary resources – our consultants. Atlantic Data Security’s long history and background puts us in the unique position of being one of the top cyber consulting firms in the world.

Like the business management firms McKinsey, Boston Consulting Group and Bain & Company, Atlantic Data Security is becoming the leader in cyber consulting.

As we grow, we are investing in 5 key areas:

Brand name: Our brand is our promise to our customers. We see it as our responsibility to provide advice, guidance, and assistance to protect against cyberattacks with proactive, focused, industry-relevant threat intelligence. That’s why our name gives our clients the confidence that comes from knowing their business is secure.Strategy work: At Atlantic Data Security, we focus on strategy work, which is the cutting-edge of consulting work in the cyber industry. We also partner with other leading cyber agencies and leaders to ensure we are providing the latest and absolute best advice and counsel to our clients.

Strong client relationships: Advising and standing by our clients for over three decades, we have built very long-standing relationships. Atlantic Data Security has a history of client retention because we put tremendous value on client trust and on the quality and impact of our work. We feel as though we are truly an extension of each of our clients’ team, and that is how we work.

Investment in personal development: Atlantic Data Security invests heavily in the professional development of our consultants. Some of our consultants come to us with years of experience, but that is never where the learning ends. Our consultants have the opportunity to learn and develop many skills, both hard skills and soft skills, in a short period of time. Atlantic Data Security believes mentorship is essential and facilitates frequent peering sessions and exposure to best practices among all divisions.

Talented, smart people: Atlantic Data Security hires the smartest, most talented people around. Our clients know that when a consultant is working with them, they are not part of a training cycle or in the middle of a learning curve. We have the most knowledgeable and professional consultants in the industry.

Lastly, in the era of en masse virtualization accelerated by COVID-19 social distancing, how can technology safeguard work-from-home employees of MNCs?

SK: There are a number of ways companies and employees can safeguard work from home especially if they are working for Multinational Corporations. For instance:

For the Employer:

Use a Virtual Private Network (VPN).

The use of a VPN is a fundamental safeguard when users access the company’s network from home or a remote location. A VPN also allows for encryption of data, which adds a level of protection for information such as passwords, credit card numbers and other sensitive or private information. A VPN can also provide a level of anonymity through capabilities such as masking of location data, website history and IP addresses.

Implement Multi-Factor Authentication (MFA).

The simple principle of MFA is that an authorized user must provide more than one method of validating their identity. Even if a cyber attacker has obtained a user ID and password, MFA decreases the risk that an attacker can gain access by requiring an additional means of validation. Multi-factor Authentication uses something you have such as an authenticator app on a smartphone, something you are such as a fingerprint or something you know like a PIN number.

Ensure systems, software, technologies, and devices are updated with the latest security patches.

Employers should track the equipment to be used in a home environment and provide a means of updating software security patches.

For the Employee:

Prevent unauthorized users on company resources (e.g., laptops, mobile devices).

Employees should not allow anyone to access company resources, including family members.

Use only company-authorized devices for remote work.

Personal devices may not have the same level of security and privacy protections as company devices. If your company has a “Bring Your Own Device” policy, be sure that your use of a personal device is in accordance with that policy. This includes home printers and personal email accounts.

Dispose of company documents properly.

Review your company’s records retention and management policies, as well as information management policies, to ensure compliance. If you must dispose of hard copies of company documents, either shred them or securely retain them for proper disposal when you return to the office.

Archives, Global Trade Daily, International Trade

Global Supply Chains Brace for Russia-Ukraine Conflict – Four Major Risks

February 11th, 2022 Jennifer Bisceglie, CEO and founder of Interos Leave a comment

As tens of thousands of Russian troops continue to mass along the Ukrainian border, and with diplomatic talks between the U.S. and Russia yet to bear fruit, the threat of a Russian invasion within the next few weeks appear to be growing.

A Russian invasion of Ukraine has the potential to cause extensive and debilitating disruption across global supply chains, resulting in rising input costs to a heightened threat of cyber attacks (see below).

Today thousands of U.S. and European companies do business with suppliers in Russia and Ukraine, which could be at risk during a prolonged military conflict. Analysis of global relationship data on the Interos platform reveals key findings:

-More than 1,100 U.S.-based firms and 1,300 European firms have at least one direct (tier-1) supplier in Russia.

-More than 400 firms in both the U.S. and Europe have tier-1 suppliers in Ukraine.

-Software and IT services account for around 12% of supplier relationships between U.S. and Russian/Ukrainian companies, compared with 9% for trading and distribution services, and 6% for oil and gas. Steel and metal products are other common items purchased from the two countries.

While the proportion of U.S. and European supply chains that include tier-1 Russian or Ukrainian suppliers is relatively low, at around 0.75%, this figure increases significantly when indirect relationships with suppliers at tier 2 and tier 3 are included.

-More than 5,000 firms in both the U.S. and Europe have Russian or Ukrainian suppliers at tier 3 (representing 2.76% and 2.37% of their respective supply chains).

-More than 1,000 firms in both the U.S. and Europe have tier-2 suppliers based in Ukraine, with around 1,200 dependent on suppliers at tier 3.

Supply chain and information security leaders in U.S. and European organizations should review their dependence on Russian and Ukrainian suppliers at multiple tiers as a key first step in their efforts to assess risk exposure in the region and ensure operational resilience.

Four Major Risks for Global Supply Chains

In the event of a Russian invasion of Ukraine, there are four major areas where global supply chains could be negatively impacted:

1. Commodity prices and supply availability

2. Firm-level export controls and sanctions

3. Cyber security collateral damage

4. Wider geopolitical instability

1. Commodity price increases. Energy, raw material and agricultural markets all face uncertainty as tensions escalate. Russia provides over a third of the European Union’s (E.U.) natural gas, and threats to this supply could force up prices at a time when companies and consumers are already facing higher energy bills. Natural gas supply pressures likely would spike volatility in other energy markets too. By one estimate, an invasion could send oil prices spiraling to $150 a barrel, lowering global GDP growth by close to 1% and doubling inflation. Even lower estimates of $100 a barrel would cause input costs and consumer prices to soar.

Food inflation is another risk, with Ukraine on track to being the world’s third largest exporter of corn, and Russia the world’s top wheat exporter. Ukraine is also a top exporter of barley and rye. Rising food prices would only be exacerbated with additional price shocks, especially if core agricultural areas in Ukraine are seized by Russian loyalists.

Metal markets may also continue to be squeezed. Russia controls roughly 10% of global copper reserves, and is also a major producer of nickel and platinum. Nickel has been trading at an 11-year high, and further price increases for aluminum are likely with any disruption in supply caused by the conflict.

2. Firm-level Export controls and sanctions. Commodity cost pressures could be exacerbated by targeted U.S. and European export controls. The use of such controls to restrict certain companies or products from supply chains has soared over the last few years. While many have been aimed at Chinese companies, a growing number of Russian firms have been earmarked for export controls for “acting contrary to the national security or foreign policy interests of the United States”.

Prominent Russian companies already on a U.S. restrictions list include Rosneft and subsidiaries and Gazprom. Extending export controls and sanctions to Gazprom’s subsidiaries, other energy producers, and key mining and steel market firms could further impact supply availability and input costs. Not surprisingly, U.S. companies and business groups are urging the government to be cautious in how it applies any new rules.

U.S. and E.U. export controls would also likely target the Russian financial sector – including state-owned banks – if an invasion takes place, and may be a tactic for deterrence as well. U.S. officials have noted that any sanctions would be aimed at the Russian financial sector for “high impact, quick action response”.

3. Cyber security collateral damage. Entities linked to malicious cyber activity may also face further repercussions from the U.S. and its partners. Ukraine is certainly no stranger to Russian cyber aggression. Russia has twice disrupted the Ukrainian electric grid, first in December 2015 leaving hundreds of thousands of Ukrainians in the cold, and then again the following year. But destructive attacks on the country’s infrastructure could also spark significant collateral damage in global supply chains.

In 2017, the NotPetya attack on Ukrainian tax reporting software spread across the world in a matter of hours, disrupting ports, shutting down manufacturing plants and hindering the work of government agencies. The Federal Reserve Bank of New York estimated that victims of the attack, which included companies such as Maersk, Merck and FedEx, lost a combined $7.3 billion.

This figure could pale in comparison to the global supply chain impact of a Russia-Ukraine military conflict, which would inevitably include a cyber element. Whether Russia would target its cyberwar playbook at U.S. or E.U. targets in retaliation for any support to Ukraine remains hotly debated. But the Cybersecurity Infrastructure and Security Agency (CISA) has been urging U.S. organizations to prepare for potential Russian cyber attacks, including data-wiping malware, illustrating how the private sector risks becoming collateral damage from geopolitical hostilities.

4. Geopolitical instability. Just as cyber warfare would be unlikely to remain within Ukraine’s borders, so the destabilizing effect of a Russian invasion could have wider geopolitical ramifications. In Europe, a refugee crisis could emerge, with three to five million refugees seeking safety from the conflict. In Africa and Asia, rising food prices could fuel popular uprisings. Of the 14 countries that rely on Ukraine for more than 10% of their wheat imports, the majority already face food insecurity and political instability.

China is watching closely to see how the world responds if Russia invades Ukraine. The superpower has its own aspirations of seizing territory and extending its sphere of influence. Taiwan’s defense minister has remarked that tensions over Taiwan are the worst in 40 years. A Russian invasion could further embolden China to enlist military tactics against Taiwan – something that, as well as its far-reaching geopolitical implications, would have a significant impact on electronics and other global supply chains.

***

Although many of these risks may not materialize, and represent a worst-case scenario, executives should be thinking now about the potential impact of a Russia-Ukraine military conflict on their operations over the coming months. These same leaders need to ensure that appropriate contingency plans are in place for their most critical supply chains and riskiest suppliers in the region.

Risk mitigation strategies include:

-evaluating required levels of inventory and labor in the short to medium term;

-discussing business continuity plans with key suppliers; and

-preparing to switch to, or qualify, alternative sources for essential products and services.

With proper analysis, planning and execution, it is possible to mitigate significant risk and ensure operational resilience.

Archives, Global Logistics, Global Trade Daily, News, Warehousing

Siemens Offers Turnkey Logistic Solutions for Material Handling Processes at MODEX 2022

February 9th, 2022 Siemens Leave a comment

Siemens will exhibit at MODEX 2022 in Atlanta at the Georgia World Congress Center from March 28-31, 2022. MODEX is the premier supply chain event, attracting industry professionals from across the globe.

Highlights will include the new SIMATIC MICRO-DRIVE, designed for ultra-low-voltage applications, in a demonstration of an automated guided vehicle (AGV). Also featured will be the new SINAMICS G115D, a recently released distributed drive system, specifically designed for conveyor applications.

Displays in the Siemens booth will include drives for motion control, material handling and intralogistics applications that are controlled by SIMATIC PLCs with unified HMI panels and integrated safety, all programmed in the Siemens Totally Integrated Automation (TIA) Portal. Additional topics in the booth include Industrial Edge and cybersecurity.

Another highlight will focus on a project Siemens recently completed for a customer in Kentucky. Siemens supplied a fully automated mega warehouse with 200,000 pallet positions as a turnkey project which distributes laundry and home care products to 60% of the U.S. market, with all logistics operations performed at this production site. The benefits Siemens offered, in addition to all mechanical deliveries, include a modular automation standard by SIMATIC, SINAMICS, SIMOTICS and SIMOGEAR standard components and INTRALOG TIA software modules resulting in increased delivery reliability (on-time and defect-free.)

Archives, Commentary, Global Trade Daily

E-Commerce Fraud up by 178% over the Holidays: Trends and Predictions

January 28th, 2022 Gergo Varga Leave a comment

A recent report recorded a rise of 178% in malicious e-commerce fraud websites observed from October to December of 2021, compared to the rest of the year.

What caused this impressive rise, how does this affect businesses who accept online payments, and how is the fraud landscape looking moving forward?

Malicious Shopping Websites on the Rise

Set up to coincide with the pre-holiday shopping period, an average of 5,300 new, malicious e-commerce websites per week were recorded from October to December, according to a report published by Check Point Research.

These scam websites were set up to resemble legitimate e-shops, often spoofing the appearance and branding of popular online shopping destinations, such as Amazon and Michael Kors. Customers would arrive by clicking through fraudulent emails or advertisements. They would get tricked into buying something, believing it was a legitimate product from a legitimate shop, at which point the criminal would acquire their card details and not ship them anything. Others tried to lure customers in through social media and hijacked accounts of friends and family.

This type of scam obviously targets consumers, in an attempt to steal their credit card details. However, a rise in this type of fraud also affects businesses, in several ways.

Here is how:

-Many of these stolen credit cards are later being used on legitimate e-shops, causing chargebacks. Each chargeback costs a business an estimated 2.60-3.20 times the price of the products lost, even if not believed to be the fault of the business.

-Chargeback ratio increases for stores where stolen cards are used. This incurs higher bank fees and even potential blacklisting of the merchant.

-The general drop in the trust of affected consumers in online card-not-present transactions can take a toll on the market in general.

-Extensive fraud brings reduced buying capacity for affected consumers, which affects commerce on a macro scale.

-Major rises in online fraud can make merchants overcautious, increasing false positives and declines for those who manage their own rules – and thus increasing customer insult rates.

-Customers who file a chargeback are more likely to do it again within two months, often at a new retailer (at a rate of 40% per Chargebacks911).

Fraud Trends 2022: Criminals Are Getting Bolder

It’s obvious that fighting fraud on a larger scale is of benefit to every company involved in the online economy rather than solely the persons or companies affected by individual cases. And, to that is added the obvious increase in fraud targeting merchants directly, with 75% of organizations across the world reporting an increase in fraud attempts over the past two years, per a 2022 report by MRC.

The good news is that it’s not only the fraudsters who are getting more sophisticated. Fraud prevention technology and methodology has progressed by leaps and bounds in recent years, reflecting the exponential increase in fraudster activity. As elaborated in a writeup on e-commerce fraud by SEON, fraudsters no longer only target stores dealing in luxury items and electronics. Every business can be a target, no matter whether it sells physical or digital goods. In fact, some of the most common methods of attack have been with us long before the internet; they’ve just been updated.

But which types of fraud are on the rise in 2022? Merchants are well advised to be on the lookout for the below, as well as always consult with their fraud vendors and/or analysts as soon as they notice any suspicious activity.

1. Return Fraud

Return abuse is an umbrella term that encompasses different methods, including ‘wardrobing’ – when customers buy clothing with the intention of wearing it once or twice and returning it – and receipt fraud – when someone falsifies receipts in order to return merchandise for a profit.

Return fraud may be an old avenue for criminals and amateurs alike, but it is still on the rise. According to Shopify, in the US, approximately 10.6% of all merchandise bought in 2020 was returned. That goes to show how important it is for businesses to be able to tell fraudulent from genuine returns. Per the same source, reducing returns overall could save the entire retail industry up to $125 billion a year.

The prevention of return fraud starts with efficiency in inventory management and sales records. The more accurate and organized your records, the less likely it is for an attempt to be successful. Some stores put new policies in place, such as weighing returned items. But it also has to do with accurately evaluating risk by assessing the intentions and legitimacy of shoppers using methods such as digital footprinting and device fingerprinting.

2. Triangulation Fraud

A little more complicated but equally popular with contemporary fraudsters, triangulation fraud actually has a very low barrier of entry, meaning it could be set up by criminals of varying skill and experience levels.

Triangulation fraud involves three parties: a legitimate customer, a legitimate e-shop and a fraudster.

1. The fraudster creates an e-shop website or adds fake products on eBay, Amazon Marketplace or similar platforms.

2. A buyer tries to buy from a fake online store, giving the fraudster their card details.

3. The fraudster buys the same product from a legitimate online store using a stolen credit card, and provides the legitimate buyer’s shipping address.

4. The buyer receives the item from the real store, but soon notices other charges on their card (as the fraudster has stolen their details).

5. The buyer starts a cashback process with their bank.

6. The legitimate merchant is hit with the chargeback, both losing the item and the money it costs.

Chargebacks are a very common pain point for businesses. As Zoho explains, they can be linked to actual mistakes by the shopper or merchant, but they also often accompany fraud. For example, a card owner charged for a fraudster’s transactions will request a chargeback, while some shoppers will use the chargeback process itself to keep both their money and the product (friendly/first-party fraud).

Although shopping and payment platforms such as Shopify and Stripe may have some built-in tools to stop fraudsters, these are not adept at catching triangulation fraud in particular. For this type of more sophisticated scheme, dedicated fraud prevention solutions are more suitable, deployed by the merchant to protect their own as well as their customers’ interests.

3. Account Takeovers

An ATO, or Account Takeover, is simply when a fraudster acquires access to an existing account belonging to a legitimate customer. This can be done through various methods such as phishing, brute-forcing and cross-site scripting.

What is making all the difference in 2022 is that the stakes have been raised. A few years ago, taking over someone’s account allowed a criminal to use it to conduct further fraud, perhaps to sign up somewhere, but there was rarely anything worthwhile within – always depending on the type of account hijacked.

Today, however, the public is increasingly encouraged to save their payment card details online: on their accounts on e-shops like Amazon and TK Maxx, in their browser profiles, in digital wallets made possible by open banking protocols, and on other digital accounts. As a result, a successful ATO is much more likely to yield usable credit or debit card details, which the criminal may use in the same store or elsewhere.

In their writeup on this phenomenon, NordVPN stresses how major breaches even in high-trust companies such as British Airways, back in 2018, have resulted in customers’ card payments details being stolen. Certainly, the size and reputation of a company is no guarantee that consumers’ card details are safe.

And, of course, the reputation of a company suffers greatly once it has been involved in such an incident. The public is already concerned about sharing personal information such as their full address and phone numbers – and payment details have so much more potential to cause harm. It does not matter whether the blame lies with the company, as in the British Airways example above, or perhaps with the customer, in the case of someone using a very weak account. The results are still detrimental to the business.

What’s more, the criminal may attempt to use (or test) the stolen cards on the spot, bringing more cashback troubles for the already unfortunate merchant.

There are simple steps to take as the first line of defense, like asking (or forcing) one’s customers to use multi-factor authentication, which is much more complicated to hijack. In the merchant’s backend, to mitigate against such an attack, end-to-end anti-fraud solutions deploy technologies such as machine learning, online footprinting via reverse email and phone number lookup, behavior analytics, velocity checks and device fingerprinting. Gathering hundreds of different data points, a fraud prevention platform gauges the level of trustworthiness or risk for each individual user and transaction, keeping out bad actors.

Key Takeaways

Overall, e-commerce fraud is clearly on the rise in 2022 – and beyond, according to predictions. Fraudsters are eager to take advantage of every opportunity and become early adopters of new technology, though they will also adapt and tweak tried-and-tested methods to get the upper hand. Sophistication is central to this challenge: As online fraudsters become increasingly sophisticated, so ought we.

________________________________________________________________

About the Author

Gergo Varga has been fighting online fraud since 2009 at various companies – even co-founding his own anti-fraud startup. He’s the author of the Fraud Prevention Guide for Dummies – SEON Special edition. He currently works as the Senior Content Manager / Evangelist at SEON, using his industry knowledge to keep marketing sharp, communicating between the different departments to understand what’s happening on the frontlines of fraud detection. He lives in Budapest, Hungary, and is an avid reader of philosophy and history.