CyberInt Reports for 2019 - Bolder Cyber Attacks to Occur Against Digital B2C Businesses

TEL AVIV, Israel, January 9, 2019 /PRNewswire/ --

CyberInt reports that as more value is transferred through digital channels, the more they become a target for cyber criminals in particular for B2C businesses who engage with their end customers across multiple channels, both their own as well as partner based.

As we move forward to 2019, credit card and payment information theft will continue to rise as more and more attacks go after businesses' digital footprint - digital assets or channels they employ to interact with their customers. While not surprising, if organizations can better address the reasons for that growth, they'll be better prepared.

Here are some of the reasons for the ongoing vulnerabilities:

• Third-party components - Many businesses use third-party components within their digital business environment - shopping carts, for example - and cyber criminals exploit vulnerabilities within these components to breach security walls.

• Better organization & sophistication by threat actors - The bolder cyber attackers become, the more organized and sophisticated their campaigns in terms of tools, tactics, and procedures (TTP) and the greater the magnitude of their attacks or the longer it takes to detect and mitigate them.

• Lack of real-time monitoring and response - Frequency of attacks is increasing; this will continue n perpetuity; only real-time monitoring and fast mitigation will be able to protect organizations
  
  
  

• More script-based malware (like in the recent Magecart attacks) instead of executable malware - Attackers are now using higher level languages that can easily bypass existing protection mechanisms. The malware simply looks like normal code to the defense system.

• Lack of CISO empowerment - The role of the organization's top security executive should be much more prominent, with CISOs providing greater business value (i.e., fraud and reputation protection) and assuming greater involvement in activities that were once in the CFO's or CMO's purview in terms of fraud, reputation and legal affairs.
  
  
  For example, the CISO's role in GDPR compliance, implementation, and enforcement within the company - ensuring the standard of due care required from organizations to protect information - cannot be overstated.

• More legitimate infrastructure being used as platforms for attacks - More and more attackers use legitimate addresses and domains that are harder to detect and harder to block - advanced techniques that obscure attackers' bad behavior and cover up their tracks.
  
  For example, a known streaming service or social media platform uses command and control to take a "safe" URL and transform it into a page phishing for credit card data.

Getting around this problem requires more targeted threat intelligence and more sophisticated detection and response platforms and, if need be, outsourced, cyber expert-based managed services.

In short, 2019 will see more sophisticated threat actors, more intensified attacks and, yes, more advanced security technology that will, in turn, require greater skills and capabilities.

About CyberInt

CyberInt eliminates potential threats before they become crises by looking at all online activities and digital assets from an attacker's perspective and provides managed detection and response services to customers worldwide. Leveraging Argos^[TM] real-time digital risk protection platform with a global cyber expert analyst team, as well as managed SOC, managed EDR, threat hunting, deep dive investigations, and real-time incident response services, CyberInt provides holistic end-to-end protection to digital businesses in retail, ecommerce, gaming and financial industries. https://www.cyberint.com/

A similar version of this content appeared in VMBlog in November 2018.  

For further information, please contact: 
Amy Kenigsberg
K2 Global Communications
[email protected]
+972-9-794-1681 (+2 GMT)
+1-913-440-4072 (+7 ET)

SOURCE CyberInt

[ Back To TMCnet.com's Homepage ]