Despite more resources and investment being ploughed into data security, cybercriminals are still successfully stealing businesses’ data.
One group of hackers known as Magecart were found to be the cause of at least 319,000 data breach instances in 2018, according to RiskIQ’s Black Friday e-commerce Blacklist report.
These JavaScript-sniffers (JS-sniffers) deploy a type of malware, whereby websites are injected with malicious JavaScript, designed to steal customer PII and have been found lurking on thousands of hacked websites.
With the development of mobile experiences and marketing features such as chatbots, the threat is accelerating. While businesses want to offer customers new ways to enhance the user experience, millions of consumers using payment cards to buy online could be putting their data in jeopardy.
The marketplace for stolen data
The increase in data theft is fuelled, in no small part, by the dark web. Previously, criminals would sell their stolen goods via a network of shady contacts. This dark corner of the internet does much the same job, but, is far more dangerous.
Operating under the anonymity afforded by trading in cryptocurrencies, the dark web is where data is bought and sold for a price. Often confused with the deep web, the dark web is very different and far more sinister, specifically referring to criminal activity taking part in an unindexed part of the web.
Data varies in value on the dark web. For example, according to the RSA’s cybercriminal shopping list, bank account details can be sold for anything from $3 to $24 – for access to a variety of consumer accounts from bank to retail accounts. Also, personal information that cannot be easily changed such as a credit card or bank account is reportedly of more value to cybercriminals and drives a high price on the dark web.
However, the dark web isn’t just a place to buy or sell stolen data; it also promotes and enables cyberattacks by making hacking tools easily and cheaply available to anyone with a computer – making it a threat to all web security.
Research by Virtual Private Network (VPN) comparison service Top10VPN.com in 2018, showed that fraudsters can access hacking tools on the dark web for the cost of a cheap takeaway coffee. For instance, entry-level hacking tools, such as ready-made phishing pages that use software to compromise Wi-Fi networks and files to help hack passwords, all go for less than $3.95 (£3) on the dark web. But even comprehensive hacking toolkits can be picked up for around $130 (£99).
Many experts believe that the depths of the dark web will only continue to grow, meaning data owners will face even greater threats and consequences in the future if they do not have the right measures in place to mitigate risks.
As we’ve seen from Magecart conquests such as Ticketmaster, AeroGrow and others, the fallout of website data breaches can be devastating – from affecting brand reputation and losing customer trust to hefty fines. While the cost of a data breach varies considerably based on factors such as location, industry, compliance considerations, third-party involvement and insurance protection, the average cost in the UK has risen by 8% over the past year – reaching nearly £2.7m, according to the latest IBM report.
Prevention is better than cure
One of the simplest ways to protect a website from any threats is by identifying where possible vulnerabilities lie. Regular auditing will flag the detection of changes to the original code and will help security teams identify potentially harmful changes to the website and supply chain.
Businesses must monitor their third-party technologies. This is an area that hackers often look to exploit and are overlooked by businesses globally. Organisations must understand which third-party JavaScript is operating on the website, where it’s being loaded from and what pages these scripts are on, as well as understand what data they are collecting so they can take the required action. This insight can help companies whitelist and manage approved third parties.
But auditing alone will not prevent a breach. Vigilance needs to be complemented with technology solutions that control the access and permissions of every third-party JavaScript vendor running on web pages.
There’s no doubt that the dark web is growing and fuelling cyber attacks on businesses. The value of data is rising and so criminals will look at developing new, sophisticated ways to break through companies’ defences. Those businesses that do not put the right precautions in place will learn, as other brands have done, that the consequences of a data breach are critical.
