Thursday, March 21st, 2019
Cybersecurity is a huge worry for businesses. For more and more companies, it has become a day-to-day struggle as the threat of data being hacked and breached increases. Each day, these threats become more common in the workplace.
To make matters worse, recent research suggests that the majority of businesses have unprotected data and weak cybersecurity practices in place. Without realizing it, their data is sitting vulnerable to attack. Even the smallest hack on a companies’ website results in lost time and money.
According to a university study, researchers found a hacker attack occurs every 39 seconds. While some of these attacks are on personal computers, others are specifically targeted at businesses. Other statistics show that:
- 100,000 groups in at least 150,000 countries – and more than 400,000 machines – were infected by a virus in 2017, with a total cost of around $4 billion.
- In addition, the average cost of a malware attack on a company is $2.4 million.
- Damage related to cybercrime is projected to hit $6 trillion annually by 2021.
Clever Trojan Becomes the New, Big Malware Threat
As if business owners did not have enough threats to worry about, a new malware threat has stolen the spotlight. Criminal gangs are using IcedID, as it is called, to tap into the malware’s ability to launch different attack types. First discovered and named by IBM in 2017, IBM has recently analysed IcedID to examine how it is being used to target U.S. e-commerce vendors.
IBM has shared that “The threat tactic is a two-step injection attack designed to steal access credentials and payment card data from victims.”
“Given that the attack is separately operated, it’s plausible that those behind IcedID are either working on different monetization schemes or renting botnet sections to other criminals, turning it to a cybercrime-as-a-service operation, similar to the Gozi trojan’s business model,” the post goes on to say. (Gozi is a type of financial malware.)
According to IBM, the typical targets are banks, payment card providers, mobile-services providers, payroll, Web mail and e-commerce sites. IBM explains that the operators behind IcedID are after the heftier bounties business accounts possess, rather than those typically found in consumer accounts.
“IcedID’s operators are most likely in Eastern Europe,” Limor Kessem, IBM executive security advisor, says in an email to Digital Transactions News. “According to X-Force research of the malware [X-Force is IBM’s security research service], the operators are believed to be Russian speakers.”
How to Protect Your Business from Cyber Threats
Experts say that protecting against the malware is simple: be proactive. Retailers must find a way to block the malware’s Web injections. A huge part of achieving this is partnering with a payment processing provider equipped to help protect your business against threats. It’s also critical that you take the time to update privacy policies, install firewalls, backup data and educate your employees.
If you need more information on merchant account providers and how to protect your business and customers, be sure to browse the information Best Payment Providers has to offer. Find card issuers and information on how they can help protect your company from cyber-attacks.
Topics discussed in this article:
- Cyberthreat