Advanced, context-aware security helps combat cyber-attacks that bypass conventional defenses
Lancope, Inc., a leader in network visibility and security intelligence, reminds retailers to remain vigilant with confidential data this holiday season. Last year, the weeks surrounding Thanksgiving were rife with high-profile attacks against retailers, including the largest retail hack in U.S. history. Because of the unusually high number of financial transactions being made, days like Black Friday and Cyber Monday present prime opportunities for cyber criminals.
“We have seen throughout 2014 that cybercrime never stops,” said TK Keanini, CTO at Lancope. “But believe it or not, attacks are likely to escalate even further in the coming weeks. This holiday season, we might even see some ransomware attacks as cyber criminals become increasingly bold. While security should never be a passive process, now is the time for retailers to be especially proactive in monitoring their confidential data and assets for any unusual activity.”
By now, most retailers should be aware that they need to do more than the status quo when it comes to protecting their networks and customer data. Firewalls, antivirus, IDS/IPS and SIEM all have their place in the cybersecurity ecosystem, but they fail to deliver the full picture of network activity needed to quickly identify and thwart attack attempts. Retailers need to be able to see exactly what is going on within their networks if they ever wish to adequately protect them.
Behaviour-based technologies like Lancope’s StealthWatch® System can fill in the gaps left by conventional defenses by turning the network into a sensor grid for detecting suspicious traffic. The StealthWatch System is a context-aware security solution that draws on a variety of sources to create a more complete picture of network activity, including application and user identity details, for improved incident response. By collecting valuable data from across the entire network, the StealthWatch System can help organisations uncover a wide range of attacks used to infiltrate retail systems, including POS malware and insider threats.
Since it leverages existing infrastructure, the StealthWatch System allows retailers to economically monitor hundreds of remote stores and POS systems in real time without having to install an expensive security appliance at each location. The system also includes built-in alarms for anomalies including ‘suspect data loss’ and ‘suspect data hoarding,’ which can help pinpoint the network behaviors often associated with data breaches.
According to Steve Mould, Senior IT Architect at Experian, “Lancope’s StealthWatch System is a product that provides so much insight into what is really happening within your network.” In addition to detecting advanced attacks in real time, the StealthWatch System also creates forensic audit trails that can be crucial investigative resources in the event of an attack.
Alongside improving threat detection and incident response, retailers must not forget about the importance of employee, contractor and customer education and communication as a key piece of their cybersecurity puzzle. Social engineering is a widely used attack technique, and even the most secure environments can be easily breached when someone clicks on a bad link or opens an infected file. In fact, several of the major breaches over the past year were reported to be caused by compromised insiders. Additionally, if consumers are tricked into opening fraudulent emails claiming to be from a retailer, that retailer will unfortunately suffer reputational consequences even if they had no knowledge of the email.
“While the holiday season is a particularly good time to become more aggressive about security, retailers should be on guard all year long and not just during this peak shopping time,” added Keanini. “Cybercrime knows no season, never sleeps, and is the most profitable international crime to operate. Additionally, cyber criminals often plan their holiday attacks months or even years in advance, so it’s best to employ comprehensive security practices year round.”