Ted McKendall

Attacks targeting payment information are nothing new; it is, after all, the fastest way to a payday for criminals. But in 2018, tactics escalated somewhat and we saw a large number of well-known companies hit by Magecart attacks – where malicious JavaScript is injected into web pages, allowing criminals to collect and steal payment data directly from browsers on their customers’ devices. While these attacks aren’t new, they have been gaining popularity and, so far, have proven effective, with companies from British Airways to Ticketmaster to Newegg falling prey.

Now Symantec has released a new report looking at just how prevalent these attacks have become. According to the report, ‘formjacking’ attacks affected more than 4,800 unique websites each month, and more than 3.7 million attacks on endpoints were discovered in 2018. Perhaps unsurprisingly (cyber criminals are savvy), almost a third of attacks detected were in November and December, just as shopping for the holiday season was picking up pace.

Again, these types of attacks aren’t new (RiskIQ has previously said it had been tracking one group since 2015); however, they have risen massively in popularity. As with the ‘great ransomware outbreak of 2017’, cyber criminals will adopt techniques that are shown to be effective, jumping on the bandwagon to get a piece of the pie. Incidentally, Symantec also found that ransomware attacks had decreased by 20 percent – the biggest fall since 2013.

Thinking outside the box

As security tightens and people become more aware of how to keep themselves safe, cyber criminals have to take new avenues to pay the rent. Take phishing – there was once a time when a bereaved Nigerian prince offering his fortune with no more commitment than providing your bank details was an effective means of attack. These days we’ve become much more aware (for the most part) and so devising and executing new attack methods is required. The rise in Magecart attacks at the same time as a decline in ransomware is no surprise. Thanks to some huge and very well publicised ransomware attacks, most are now better at defending against them. Welcome Magecart …

One of the challenges the security industry has faced for years is the speed at which criminals change how they operate. While vendors are creating and releasing endpoint protection tools that beat ransomware, the criminals have moved on. There will be security solutions to defend against Magecart, but the criminals are devising their next attack vector already.

How to beat them at their own game

Instead of reacting to new threats when they appear, the security industry needs to take a far more proactive approach and assume that threats are going to be present on an endpoint. It doesn’t matter what those threats are or where they’ve come from; if they are trying to intercept transactions, they can be stopped. We don’t need to (and probably can’t) stop all instances of malware from installing, but its activities can be rendered useless.

Trusted Knight’s Protector Air does exactly this – it’s a cloud-based solution that is invisible to the end user and stops data from being stolen. It has zero trust that endpoints are safe, yet at the same time has zero friction for the end user.

Want to find out more? Click here to request a free trial.

If you’re heading to RSA, then why not come and visit us? We’ll be at booth #3442 and can talk in more detail about how Protector Air works and why it’s the only unified solution that can effectively prevent data theft from your website.