Targeted attacks on big retailers are becoming all too common, but what can be done about it?
Mark James, ESET IT Security Specialist, looks at whether retailers are getting weaker or hackers are becoming more advanced and who the responsibility of protected our data lies with.
Are hackers getting better, or are retailer’s defences getting weaker?
“Hackers are definitely getting better, or maybe more advanced is a better description, when this happens any shortfalls in the defences of retailers are brought to light.
“Stopping cyberattacks is a mixture of established defences, knowledge of current and predicting future attacks and being able to react quickly, adapting as needed.
“Of course one of the biggest problems is not knowing if you have done enough until the attack happens, for the retailers to be successful they have to stop every attack every time: the bad guys only need to be successful once.”
Is it down to the consumer to be more careful, or is it the retailer’s responsibility?
“We all have the responsibility to be careful.
“We would not have the same key for our house, car and office building so why have the same password for multiple logins; if we limit our attack surface then we give the bad guys less of a chance of hitting the jackpot.
“If the data retrieved from one data breach is unable to be used in another attack then it’s bordering on useless.
“If you apply the same process to emails, online and telephone scams as we do to door-to-door salesman or PPI claims then we stand a better chance of being safer.
“Take a breath and ask yourself “does this seem too good to be true” or even does this actually apply to me? Do some research, make an enquiry of your own, if it is legit it will definitely still be available in an hour or two.
“Retailers want to keep your data safe, they don’t want to alienate you and need your custom to survive, but they can only do so much and it’s up to us to strengthen that by doing everything in our power.
“This may include but is not limited to extra features such as: password managers, two-step verification, unique passwords, software and hardware security updates, all of which will limit the criminal’s options in using your data from a breach.”
Do you think responsibility lies with the retailer or yourself? Let us know on Twitter @ESETUK.
Join the ESET UK LinkedIn Group and stay up to date with the blog. If you are interested in seeing where ESET has been featured in the news then check out our ‘In the news’ section.