With Cyber Monday behind us and the holiday shopping season in full swing, consumers around the world are busy shopping for everyone on their list this year. However, this massive influx of online purchases has gained the attention of cybercriminals looking to exploit the holidays for their own gain.
TechRadar Pro spoke with Carbon Black's Chief Cybersecurity Officer Tom Kellermann who provided further insight on the tactics used by cybercriminals and how shoppers can protect themselves online this holiday season.
1. Why is Cyber Monday such an attractive target for cybercriminals?
The emergence of Cyber Monday, as a phenomenon, came about as a result of changes in consumer consumption habits. Retailers, looking to maximise their sales opportunities, dedicated a day just to online shopping and consumers now come in their droves to take advantage of the sales and discounts on offer. However, this elevation in online noise – some reports suggest that $6.6bn was spent by US consumers on Cyber Monday in 2017 - also provides the perfect smokescreen for cybercriminals to take advantage of unsuspecting shoppers. As we know, criminals follow the money and there is plenty of ill-gotten gains to be had on Cyber Monday and throughout the holiday period.
One point that is often missed is that cybercriminals aren’t just targeting consumers who shop online, but businesses as well, many of which are understaffed and, in the case of retailers, approaching their busiest time of year.
2. What tactics are cybercriminals using to scam consumers this holiday season?
According to the Carbon Black Threat Analysis Unit (TAU), the majority of these attempted holiday-related cyberattacks are the result of commodity malware, commonly delivered through spear-phishing campaigns.
In recent years attacks targeting major retailers (often through supply chain partners) have resulted in the loss of millions of customer records and credit card numbers as well as major breach costs for targeted organisations.
3. How can consumers protect themselves from falling victim to a phishing attack?
Three ways to spot a spear-phishing email include:
Evaluate the Email’s Basic Hygiene: Regardless of who is sending an email, be sure to do a brief check to ensure the sender’s domain and email address are accurate and known to you.
Determine the Email’s Content & Motivation: Any requests for personal or financial information should be viewed with extreme caution, especially in business settings where attackers are keen to use spoofed emails from executives to target lower-level employees.
Attachments & Link Landmines: Attackers will often use links inside of attachments to target victims. Unexpected emails from banks, a shipping provider, or even a friend, should require additional insight and verification.
4. What safeguards should consumers and businesses have in place to protect themselves from cyber threats?
It’s a global trend that cyberattacks are becoming more frequent and more sophisticated, as nation state actors and crime syndicates continue to leverage fileless attacks, lateral movement, island hopping, and counter incident response in an effort to remain undetected.
This issue is compounded by resources and budgeting. Not only is there a major talent deficit in cybersecurity, there is also a major spending differential. It’s estimated that the underground cybercrime community spends upward of $1 trillion annually on developing attacks. By comparison, worldwide businesses are spending about $96 billion to protect themselves which amounts to defenders being outspent by a ratio of 10 to 1 – a staggering and sobering statistic.
The million dollar question is really, “what can Italian businesses do to redress a situation where, at present, adversaries hold a distinct advantage?” Cybercrime groups are better funded, greater in number, and acting with increased sophistication.
In our recent threat report ‘Hacking, Escalating Attacks and the Role of Threat Hunting’, we concluded that proactive threat hunting is an essential activity in today’s threat armoury. A multidisciplinary team should be anticipating the potential weaknesses and viable attack paths not just within the organisation, but across the information supply chain, to get a step ahead.
In today’s digital environment success is less about waiting for the inevitable attack and more about establishing enterprise visibility, augmented by threat hunting and intelligent incident response, plus ensuring that we are deploying protection mechanisms that can detect and stop advanced attacks.
From a consumer perspective it is all about adopting a more cybersecurity conscious posture that incorporates personal phones, email, password managers, securing Wi-Fi, updating software, using secure browsers, etc.
5. Why does public Wi-Fi pose a danger to consumers shopping online?
As much is it might be tempting to enjoy a hot latte and do all of your holiday shopping from your favourite coffee shop, avoid using public Wi-Fi while doing any shopping. With public Wi-Fi anyone with some computer acumen can view what you are browsing and steal your personal information.
The biggest risks are posed by unsecured public Wi-Fi networks, which are those that can be connected to within range and without any type of security feature like a password or login. Secured public Wi-Fi can also be a risk, but consumers would be well advised to avoid accessing personal bank accounts or sensitive personal data on any unsecured public networks.
6. Do you think more of an emphasis will be placed on cybersecurity next holiday shopping season?
We sure hope so. Following the Thanksgiving holiday, notable cybersecurity alerts spiked on Black Friday/Cyber Monday in 2017 and remained at elevated levels through the new year; global organisations encountered a 57.5% increase in attempted cyberattacks during the 2017 holiday shopping season. During a similar time period in 2016, attempted cyberattacks increased above normal levels by 20.5%. Based on this existing precedent, we expect the same trend to continue, if not increase, during future holiday shopping seasons.
Tom Kellermann, Chief Cybersecurity Officer for Carbon Black
- We've also highlighted the best antivirus to help you stay safe online this holiday season