How Retailers Can Protect Themselves From Cyber Attacks

The e-commerce industry is booming, generating $231 billion in sales for U.S. retailers last year and is expected to increase 13 percent to $262 billion this year, according to Forrester Research. The growth of e-commerce, which already accounts for about 8 percent of total retail sales in the U.S., is expected to outpace sales growth at brick-and-mortar stores over the next five years, reaching $370 billion in sales by 2017. Retailers are investing in e-commerce strategies and user-friendly, attractive websites to help meet consumer needs and stay competitive. To deal with the demands of contactless payments, in-store point-of-sale (POS) systems are being upgraded to speed up the payment process.

Yet at a time where the success of the industry should be grabbing the headlines, what we're seeing instead is a huge number of articles detailing cyber attacks against retailers. These attacks impact brand reputation, customer confidence and ultimately affect the bottom line of the businesses involved.

Not a day goes by that we don't see an attack on an organization's infrastructure in one way or another. Over the last few months, there have been several high-profile attacks on retailers such as Home Depot and Target. These attacks have been carried out using a variety of different methods, with POS malware being involved in many cases. Millions of credit card numbers have been compromised and made available to criminals, with significant costs for credit card issuers due to fraudulent transactions and lost customer trust in the retail brands involved.

On top of this, distributed denial-of-service (DDoS) attacks continue to target e-commerce websites, causing slowdowns and availability issues. DDoS attacks are on the rise, with the largest ever DDoS attacks in terms of traffic volume occurring in the first half of 2014. According to Arbor Networks’ ATLAS threat monitoring infrastructure, there were an unparalleled number of volumetric attacks in the first half of 2014, with over 100 attacks larger than 100GB/sec reported.

DDoS attacks target an organization's network, infrastructure and applications by using multiple sources to generate traffic toward a target at the same time. These sources can be a part of a botnet or they can be valid servers out on the internet being used to reflect and/or magnify attack traffic. The traffic arriving at the target can saturate connectivity, impact network infrastructure (e.g., firewalls and load-balancers) and target applications directly — all dependent on the nature of the attack. Unfortunately, attackers have access to both tools and commercial services to make launching attacks easy, whatever their motivation may be. For retailers, the result is the same regardless of the attack type. If not protected, this could translate to lost revenue, increased operational cost and a damaged brand.

How to Protect Your Organization From a Cyber Attack
In the same way that retail has protected itself from physical theft with security such as CCTV and electronic tags, measures must be put in place to provide protection against cyber attacks.

The most effective form of protection comes from a combination of external services, network perimeter defenses, internal monitoring, and appropriate processes and training. All of these are equally important, however many organizations aren't adequately prepared. In fact, earlier this year research carried out by the Economist Intelligence Unit indicated that only 17 percent of surveyed organizations felt fully prepared to deal with a cyber security incident.

To deal with the DDoS threat, retailers need to take a multilayered approach to protection. This includes cloud-based protection to stop high-volume attacks, combined with on-premise protection that stops low-volume, stealthy attacks as soon as they start — and before there's any impact to the customer experience.

To deal with threats targeting customer data, organizations should monitor the communications right across their networks and use threat intelligence data from their vendors and service providers. By leveraging the skills and broader visibility of specialist security organizations, and correlating their information with network activity, retailers can get early warning of any suspicious or malicious activities that warrant further investigation.

A Victim of its Own Success
Retail companies are now a major target for cyber criminals due to three key reasons: the proliferation of technology that now supports the growth of the online retail market; the increase in volume of transactions being processed; and the rise of data stored increasing on a daily basis. With this in mind, there's never been a more fitting time to assess your network's capabilities and bolster your defenses against an increasingly complex threat landscape. Consider the following tips:

• Businesses need specialized, layered defenses to deal with DDoS attacks. General security solutions may not help, and in some cases might be targeted by attackers.
• Cloud-based DDoS protection is needed to deal with high-volume attacks that can saturate internet connectivity.
• Network perimeter protection is needed to deal quickly with any event, and before there's a customer impact.
• Organizations should monitor "across" their networks, as well as "at" the perimeter to detect suspicious and malicious activities wherever they occur.
• Organizations must leverage the broader visibility and specialist skills available to them within their vendors and service providers.

Deploying security products to deal with threats is only a part of what needs to happen. Employees must be trained regularly and processes put in place to deal with any detected incident.

Rakesh Shah is the senior director of product marketing and strategy at Arbor Networks, a provider of DDoS and advanced threat protection solutions.