October 15, 2019 By BlueAlly
Every October we review issues that are highlighted by annual cybersecurity awareness efforts across the globe. This year those topics include things like traveling tips, workplace security, and staying safe when buying new technology. You can see more information about all of these topics on the National Cybersecurity Awareness Month (NCSAM) website here and the European Cyber Security Awareness Month (ECSM) website here. Today we'll briefly cover the risks around eCommerce and a crime that is commonly referred to as e-skimming.
Put simply, e-skimming is the act of stealing credit card data and other personal information as it is being entered into an online form. In the context of eCommerce, this would normally happen when a customer logs in to an online account or enters payment and delivery information at checkout.
E-skimming can be accomplished in a number of ways. Common attacks include malicious code being inserted into third-party plugins or shared JavaScript libraries that a site loads on its checkout pages. Criminals also run automated scans to find eCommerce and other websites that are vulnerable to known exploits, and they deploy their attacks based on the results of these scans. The Magecart attacks on sites like Ticketmaster, Forbes, British Airways, and others are examples of e-skimming by way of a shopping cart or other online form.
Any eCommerce business can fall victim to an e-skimming attack. If you run a site that collects credit card information or other personal data, you owe it to yourself and the users of your site to make the site as secure as possible. Here are some NCSAM tips on protecting your site:
- Perform regular updates to payment software
- Install patches from payment platform vendors
- Implement code integrity checks
- Keep anti-virus software updated
- Ensure you are PCI DSS compliant
- Monitor and analyze weblogs
- Refer to your Incident Response Plan, if applicable
If your site is compromised, activate your incident response plan immediately. If you do not have an incident response plan, consider prioritizing the following steps:
- Quarantine the compromised application to prevent further data loss
- Investigate the incident and evaluate the damage. Be sure to look for any additional attacks or remaining malware on your network or websites.
- Report the incident to the appropriate law enforcement authorities so that they can take action. In addition to local law enforcement, this should include ic3.gov (FBI) in the US and https://www.europol.europa.eu/report-a-crime/report-cybercrime-online (Europol) in the EU.
For more information on how to protect your e-commerce site and other web forms, visit the following resources:
National Cybersecurity Awareness Month e-skimming download
Barracuda Web Application Firewall website and Application Security blog
October is recognized as National Cybersecurity Awareness Month (NCSAM) in the US and European Cyber Security Month (ECSM) in the EU. These are collaborative efforts between governments and industries to raise awareness about various cybersecurity issues and to educate members of the public so that they can do more to keep themselves safe online.