Kaspersky omment: Billabong and Quiksilver suffer data breach
This morning that Billabong and Quiksilver suffered a data breach. Please see below for comment from David Emm, Principal Security Researcher at Kaspersky, about what UK retailers can do to strongarm against these attacks in the lead up to this year’s busiest shopping period.
“Cyber-attacks, of the sort impacting Billabong and Quiksilver, should seriously worry all retailers, especially as they ramp up for this year’s busiest shopping season – an attack of this proportion has the potential to cripple a business. With the sheer volume of shoppers turning to online retailers around Black Friday and Christmas, retailers need to be on red alert. This is effectively hunting season for cybercriminals now, and they are on the prowl for unprotected systems – to steal business or consumer data or to prevent a company’s normal operations. It is absolutely crucial that businesses ensure their cybersecurity measures are as stringent as they can be, and that their customers are as protected as possible.
“People need to be reassured that their data and personal information is safe, or they will be less inclined to shop online. Businesses should take a step back and re-evaluate their IT security strategy and insure there is a full lifecycle security plan in place, entailing: education for employees, the best defences to protect against attacks, and the most reliable tools for zero-day detection.”
Kaspersky Lab advises businesses to do the following in order to remain resilient and secure their systems:
1. Secure the business using Internet security software – our research has shown that one in three people (30%) do not protect their devices with security software.
2. Educate your employees about the risks associated with opening up dangerous email attachments from unknown sources, as well as the importance of maintaining strong passwords.
3. Make sure to apply security updates to your operating system and applications as soon as they are available. The best way for an organisation to combat cyberattacks is by putting in place an effective cybersecurity strategy, before becoming a target.
4. Use a unique, complex password for every online service the organisation provides. Otherwise, if one is stolen, all of your accounts will be put at risk. To create strong hack-proof passwords without having to face the struggle of remembering them, use a password manager such as Kaspersky Password Manager.
5. Always use a secure connection – only use secure Wi-Fi with strong encryption and passwords, or apply VPN solutions that encrypt the traffic.