Over the past year, three out of every four companies on average have suffered one or more cyberattacks. Of those, Kaspersky Labs has noted that there has been increasing focus on attacks via DDoS and POS systems. The company has warned of an increased likelihood that cybercrime may affect retailer Christmas revenues this year.
According to Kaspersky Labs, research has shown that over the past year there has been a marked uptrend (up to 16%) in attacks involving DDoS and in which point-of-sale system (POS) vulnerabilities have been exploited.
Already in 2017 there have been significant cybersecurity breaches reported in the payment systems of major brands: from Chipotle to Hyatt Hotels and recently, Forever 21. Kaspersky Lab also registered a considerable increase and geographic spread in botnet DDoS attacks in the third quarter of 2017, with targets in 98 countries (compared to 82 in Q2), according to the latest DDoS Intelligence Report.
This situation is going to be extremely relevant to retail and e-commerce organizations during the intense period of sales around Christmas. As shoppers look to bag their bargains, retailers can expect increased revenues. This in turn makes retailers a lucrative prize, if cybercriminals can stage successful DDoS attacks against them for a ransom, or for dirty competition, use POS systems as an entry point for targeted attacks, or steal customer credentials and money.
“Given this year’s apparent increase in these types of attacks, we recommend businesses – retailers in particular – to stay alert during the Christmas season. These can involve cybercriminals demanding a ransom, or simply preventing an organization from trading, making them lose income and clients as a result,” said Alessio Aceti, Head of Enterprise Business Division, Kaspersky Lab.
To avoid ruining their revenues in the upcoming high sales season, retailers and e-commerce organizations can protect themselves with a range of solutions dedicated to meeting their specific requirements. Kaspersky Lab strongly recommends that retailers:
- Keep e-commerce platforms up-to-date because every new update may contain critical patches to make the system less vulnerable to cybercriminals;
- If possible, make sure that the POS terminals in use run the latest version of software and change the default passwords;
- Use a tailored security solution, like Kaspersky Embedded Systems Security, to protect point of sales terminals from malware attacks;
- Prepare for DDoS attacks by choosing a reliable service provider that is a cybersecurity expert and can protect against powerful and sophisticated DDoS attacks. This is not always possible using in-house resources or Internet providers. To learn about the specialist Kaspersky DDoS Protection offering for SMBs and enterprises, please visit our website.
- Educate customers about the possible cyberthreats they may encounter while shopping online and offline, as well as steps about how to minimize the risks.