By Aaron Branson, VP of Netsurion
It’s expected that Americans will drop about $90 billion this Black Friday, and as we have seen in the past, where there is a profit — there are cybercriminals. Even though the busiest brick-n-mortar shopping day is just around the corner, retailers need to start thinking ahead about how to best protect against potential cyber threats next year in the first quarter, when things slow down again.
Cybercriminals apparently have no problem hacking into a POS system and siphoning off credit-card data for months undetected. But here’s the thing: The going rate for stolen credit-card data on the black market is in decline.
If a major retailer was unable to ring out a single consumer on Black Friday, what ransom would they be willing to pay? How many millions in revenue would they lose even if they recovered without paying the ransom?
Beyond the threat of ransom, Radware’s research found that a single cyberattack costs a retailer an average of $1.6 million, and that 77 percent of retail executives admitted their security strategies were influenced by the fact that their companies already had suffered a data breach.
It’s very apparent that retailers of all sizes need to be armed with better tools and increased cyber intelligence to ward off and detect to these kinds of attacks. And for those that may have some of these tools on their tool belts already, they should consider finding partners to work with to enhance their monitoring of these tools. It’s vitally important to have the ability to more closely watch the data that passes through a corporate network in order to have a better chance of preventing breaches from occurring in the first place, or at least minimizing the damage by stopping it sooner than later.
Gone are the days when a typical firewall could be set up once and run without constant monitoring, tweaking and ensuring the data coming from it was correlated with other systems. Some of these breaches may look like normal web traffic coming out of the firewall, and other attacks can even seem like legitimate DNS traffic, which might pass right by the typical unmanaged firewall. It takes a different approach to stop some of these advanced attacks, and many products and service providers simply don’t have the ability to stop them before they do real damage.
The latest string of breaches, however, confirms that retail security requires a new approach, beyond the minimums of maintaining PCI compliance and implementing a managed firewall. For a comprehensive tool belt to stop cybercriminals before they do real damage, retailers should consider implementing the following:
Segmented networks. Merchants still need to protect themselves against POS system infiltration attacks targeting cardholder data. A multilayer security strategy is necessary. Retailers must start by segmenting their POS networks, using next-gen firewalls to block data exfiltration and implement constant monitoring and endpoint threat detection. If nothing else, dwell time of such an attack would be reduced to hours or days. After all, many attacks have persisted for almost a year, just as we have seen in previous massive card breaches.
For example, make sure your POS data traffic is separate from …