Online transactions a juicy target

Organisations that deal with online transactions should be adopting a mindset of ‘when’ rather than ‘if’ they will be targeted and plan accordingly.

Organised crime groups are using increasingly sophisticated cyber attacks as they step up their assault. These crime groups are also recruiting hackers in an online freelance marketplace in order to breach IT systems and carry out customised cyber attacks. Organisations that are susceptible to significant risk are the ones that leverage online transactions to conduct business, such as banks, government agencies and retailers.

There has been a massive increase in online transactions across Asia Pacific, with no signs of it slowing down. For example, in the retail industry, Forrester Research predicts that e-commerce in the Asia Pacific region’s five largest markets – China, India, Japan, South Korea and Australia – is close to the figure for online retail in the US and Western Europe combined. By 2018, online sales in the five markets are expected to more than double from 2013 to $US858 billion. However, this growth is being matched by an exponential rise in sophisticated cybercrime.

An advanced, tech-savvy criminal underworld has emerged, using information sharing and data-theft tools to bypass security systems. A survey of Forbes Global 2000 companies found 92 per cent had incurred data breaches over a 12-month period, with the global cybercrime black market now costing the industry an estimated $US104 billion a year.

But it’s not just the big players that are under threat. Small-to-mid sized businesses are particularly vulnerable to cyber attacks as they often lack the resources and expertise to analyse traffic patterns and identify unusual activity in their networks. In such an environment, organisations that deal with online transactions should be adopting a mindset of ‘when’ rather than ‘if’ they will be targeted – and plan accordingly.

Evolution of a smart enemy

Any online transaction that captures personal or financial information is at risk of being infiltrated. Organised cybercriminals are constantly inventing new and smarter ways of penetrating security controls to steal personal information.

Another disturbing trend is the practice of organisations relaxing their security when they need it most – during peak periods. Many go into ‘IT lockdown’, placing a freeze on changes and updates to their IT security to avoid the risk of key systems being interrupted. As a result, they are more vulnerable than ever – and the results can be disastrous.

Managing the threat

Any organisation, irrespective of size, that accepts a customer’s confidential details must ensure compliance and meet accepted security standards to minimise fraud and cybercrime.

Organisations also need to remember that reputations and brand identity are at risk if something goes wrong. Customers want to feel that their information is in safe hands when conducting online transactions, especially with the brands and institutions they trust. Organisations owe it to them to proactively think about safeguarding their systems or run the risk of severe damage to their reputation and sales.

Combatting cybercrime requires an integrated security approach that incorporates proactive planning and risk management strategies. The goal is to disrupt the entire lifecycle of an attack. That means investing more in prevention and real-time threat detection for the application layer, as well as the hardware and software interface. How an organisation responds when a breach, or anticipated breach, is identified is also important, including how it reacts instantaneously to minimise and contain the attack.

Organisations need to ensure that they have the following defences covered to help protect themselves against cyber attacks:

  • Trust but verify – Ensure users are who they claim to be, using two-factor authentication or other strong authentication methods for log-in and verification of account access.

  • Identify threats and vulnerabilities – Scan applications and networks to prevent intrusion. This should include known vulnerabilities requiring patches, updates to enterprise firewalls and intrusion systems, and periodic penetration tests to ensure the vulnerabilities are closed.

  • Employ web app scanning and monitoring – The greatest benefit of online transactions is 24-hour access, and that requires round-the-clock security monitoring. Ongoing security testing is also important for mobile apps.

Planning for the worst

Because security incidents can come from a variety of sources, it is nearly impossible for enterprises to prevent a breach. But through an integrated approach it is possible to lower any exposure to risk, reduce security-related costs and gain greater control of the situation.

Organisations should be working towards a solution that spans the entire security lifecycle, ranging from proactive planning and risk management strategies to immediate response measures. Priorities include:

  • A clear plan of processes and policies for the collection and analysis of evidence following a security incident.

  • Adherence to regulatory compliance for use in legal investigations and audits following an incident.

  • Efficient backup and recovery to mitigate the consequences of data loss or deletion.

A swift response is paramount in the event of a cyber attack for the protection of both the organisation and customers. If confidential information has been stolen it is important that customers know as soon as possible so they can inform their credit card suppliers. This step also safeguards the business during any subsequent investigation when questions of security must be answered accurately to defend against legal infringements.

Mitigating the risks

No organisation involved in e-commerce is safe from today’s highly sophisticated and organised cybercrime. Organisations cannot hope to totally eliminate the risk of a cyber attack without sacrificing important functionality necessary to operate the organisation.

Security is an ongoing process of responding to changing technologies and new threats, and balancing security measures against operational needs. By treating cybercrime as a major business threat and planning accordingly, organisations can significantly reduce their attack surface, substantially mitigate risks and prevent the damage associated with a successful attack.

Daniel Biondi is the chief technology officer, Financial Services, Enterprise Services for HP South Pacific