Online transactions under attack

Organized crime groups are using increasingly sophisticated cyber attacks as they step up their assault. These crime groups are also recruiting hackers in an online freelance marketplace in order to breach IT systems and carry out customized cyber attacks. The organizations at significant risk are those that rely on online transactions to conduct business, such as banks, government agencies and retailers.

There has been a massive increase in online transactions across Asia Pacific, with no signs of it slowing down. For example, in the retail industry, Forrester Research predicts that e-commerce in the Asia-Pacific region’s five largest markets – China, India, Japan, South Korea and Australia – is close to the figure for online retail in the US and Western Europe combined. By 2018, online sales in the five markets are expected to more than double from 2013 to US$858 billion. However, this growth is being matched by an exponential rise in sophisticated cybercrime.

An advanced, tech-savvy criminal underworld has emerged, using information sharing and data-theft tools to bypass security systems. A survey of Forbes Global 2000 companies found 92 per cent had incurred data breaches over a 12-month period, with the global cybercrime black market now costing the industry an estimated US$104 billion a year.

But it is not just the big players that are under threat. Small-to-mid sized businesses are particularly vulnerable to cyberattacks as they often lack the resources and expertise to analyze traffic patterns and identify unusual activity in their networks. In such an environment, organizations that deal with online transactions should be adopting a mindset of ‘when’ rather than ‘if’ they will be targeted – and plan accordingly.

Evolution of a smart enemy

Any online transaction that captures personal or financial information is at risk of being infiltrated. Organized cybercriminals are constantly inventing new and smarter ways of penetrating security controls to steal personal information.

Another disturbing trend is the practice of organizations relaxing their security when they need it most – during peak periods. Many go into ‘IT lockdown’ when they place a freeze on changes and updates to their IT security to avoid the risk of key systems being interrupted. As a result, they are more vulnerable than ever – and the results can be disastrous.

Managing the threat

Any organization, irrespective of size, that accepts a customer’s confidential details must ensure compliance and meet accepted security standards to minimize fraud and cybercrime.

Organizations also need to remember that reputations and brand identity are at risk if something goes wrong. Customers want to feel that their information is in safe hands when conducting online transactions, especially with the brands and institutions they trust. Organizations owe it to them to proactively think about safeguarding their systems or run the risk of severe damage to their reputation and sales.

Combatting cybercrime requires an integrated security approach that incorporates proactive planning and risk management strategies. The goal is to disrupt the entire lifecycle of an attack. That means investing more in prevention and real-time threat detection for the application layer, as well as the hardware and software interface. How an organization responds when a breach, or anticipated breach, is identified is also important, including how it reacts instantaneously to minimize and contain the attack.

Organizations need to ensure that they have the following defenses covered to help protect themselves against cyber attacks:

Trust but verify – Ensure users are who they claim to be using two-factor authentication or other strong authentication methods for log-in and verification of account access.

Identify threats and vulnerabilities – Scan applications and networks to prevent intrusion. This should include known vulnerabilities requiring patches, updates to enterprise firewalls and intrusion systems, and periodic penetration tests to ensure the vulnerabilities are closed.

Employ web app scanning and monitoring – The greatest benefit of online transactions is 24-hour access, and that requires round-the-clock security monitoring. Ongoing security testing is also important for mobile apps.

Planning for the worst

Because security incidents can come from a variety of sources, it is nearly impossible for enterprises to prevent a breach. But through an integrated approach it is possible to lower any exposure to risk, reduce security-related costs and gain greater control of the situation.

Organizations should be working towards a solution that spans the entire security lifecycle, ranging from proactive planning and risk management strategies to immediate response measures. Priorities include:

• A clear plan of processes and policies for the collection and analysis of evidence following a security incident.
• Adherence to regulatory compliance for use in legal investigations and audits following an incident.
• Efficient backup and recovery to mitigate the consequences of data loss or deletion.

A swift response is paramount in the event of a cyber attack for the protection of both the organization and customers. If confidential information has been stolen it is important that customers know as soon as possible so they can inform their credit card suppliers. This step also safeguards the business during any subsequent investigation when questions of security must be answered accurately to defend against legal infringements.

Mitigating the risks

No organization involved in e-commerce is safe from today’s highly sophisticated and organized cybercrime. Organizations cannot hope to totally eliminate the risk of a cyber attack without sacrificing important functionality necessary to operate the organization.

Security is an ongoing process of responding to changing technologies and new threats, and balancing security measures against operational needs. By treating cybercrime as a major business threat and planning accordingly, organizations can significantly reduce their attack surface, substantially mitigate risks, and prevent damages associated with a successful attack.

Bruce Dahlgren, Senior Vice President and General Manager, Enterprise Services Asia Pacific and Japan, HP