‘Tis the season to be hacked

As retail stores ramp up their online offerings to entice shoppers, companies need to be on guard. A common belief is that hackers target individual accounts, but this needs to be “mythbusted”. The real purpose of an increasing number of attacks on online retailers (as much as financial institutions) is in fact to hold these organisations at ransom and so squeeze currency from them.

“This is commonly known as bitcoin ransom in the industry,” explains Lukas Pelser, technical manager at South Africa's leading value-added distributor, Networks Unlimited. “It’s a ‘pay up or we post consumer details’ scenario. The most infamous attack of this type being the recent Ashley Madison case.”

According to a New York Times article: For ransom, bitcoin replaces the big bag of bills, “Criminals like the virtual currency because it can be held in a digital wallet that does not have to be registered with any government or financial authority - and because it can be easily exchanged for real money.” 

So how do these criminals do it? In simple terms, they generally launch a small attack to render a website unserviceable, thus taking it offline. During this downtime – where the retailer is losing both consumers and revenue – an e-mail is sent demanding a bitcoin ransom. “Payment in bitcoins can be high with one bitcoin going for R8,000. If the demand is ignored, the ransom could be upped or a full-on distributed denial-of-service (DDoS) attack launched and the threat realised,” says Pelser.

Retailers thus need to be prepared for this type of malicious attack, especially at this time of the year where they want to increase traffic to their site. They thus need to educate themselves on what a bitcoin is and how they will handle an extortion demand.

“Of course, the best method is to be adequately protected should this happen to you. Hackers are not just targeting large retailers in Europe or America, but also enterprises across Africa and smaller businesses, with the top five targets being e-commerce, government, and gaming and financial services organisations. Although many may start as opportunistic attacks, it is always better to be safe than sorry,” warns Pelser. “It has therefore become absolutely necessary to strengthen your defence so that your network is not flooded by the attack and crashes under the strain, and that your customer details remain protected. Unfortunately, many security technologies deployed as little as two years ago no longer provide adequate protection. New technology has however been engineered specifically for today’s DDoS attacks.”

He highlights Arbor Networks APS, which was named best security hardware solution at the 7th Annual Golden Bridge Awards at the start of December 2015, as a powerful solution for companies to guard themselves from DDoS attacks. “The solution is designed to stop attacks immediately while giving control back to the enterprise. It offers full protection from DDoS attacks and botnets out-of-the-box; enables an easy and fast setup for immediate protection; and its flexible deployment and control ensures inline blocking or off the tap for detection,” says Pelser.

To enjoy a festive season that is more “ho, ho, ho” than “oh, no”, enterprises need to realise that DDoS attacks are no longer just a bothersome niggle, but they impact businesses on numerous devastating levels. Whether DDoS attacks cause saturation upstream, state exhaustion or service outages, and in many times in all three; the end result remains: critical services are no longer available and your profit is on the line.