Ecommerce Website Attacks “Off the Charts”

October 2, 2019 - Ensighten

Leading security expert Brian Krebs says hackers are launching more attacks on ecommerce websites after security measures were introduced for physical credit card transactions

Ecommerce websites are experiencing a surge in cyberattacks, according to one of the world’s leading authorities on cybercrime, Brian Krebs.

Speaking at the SpiceWorld 2019 conference in Austin last week, the journalist and bestselling author told IT professionals that not only are cyberattacks on the rise, but the hacks are now more lucrative than ever for cybercriminals.

This is because it is much harder today for criminals to steal physical credit card data, thanks to the move to more secure chip-based card infrastructure.

“In every country that’s done this before us [the US], they’ve seen the same thing. When you make it hard for the fraudsters to fabricate physical counterfeit cards, they don’t just go away and pack it in – they go somewhere else. Every country that’s experienced this shift saw a major spike from [using] counterfeit cards in-store and buying stolen merchandise to attacking the online merchants and using their customers’ data to buy stuff online,” said Krebs.

Dump vs. CVV data

Data historically stolen from brick-and-mortar merchants with the help of malicious software or scammers is called ‘dump’ data. That data has been worth up to $25 to criminals but has recently been averaging around $15 per card.

In contrast, the customer data stolen from online retailers is called CVV, which has typically been worth less than half the value of dump data, “mainly to do with how much work is necessary between buying the dump and actually cashing out,” explains Krebs.

However, as it has become more expensive over the course of the last year for thieves to fabricate and successfully use dumps, demand has caused the CVV price to increase and more cybercriminals to focus on hacking ecommerce websites instead.

“We saw last summer prices equalizing around $10 and now they’re currently utilized around $15 each,” said Krebs. “This dynamic, this kind of vortex helps explain why we have seen such an enormous increase in the number of ecommerce sites getting compromised over the last year. It’s been off the charts.”

Magecart

Importantly, Krebs noted that many times hackers access the customer data through vulnerabilities in the website itself. “More commonly, the bad guys will find a vulnerability in a third-party library or component like a script in the checkout process or something like that. Once they compromise that third-party script, they compromise every site that runs that script – that’s probably the most common way that these attacks happen.”

This accounts for the shocking rise in Magecart attacks. Magecart is a hacking group behind the surge in supply chain or third-party attacks on ecommerce websites over the past couple of years. Victims include Ticketmaster and publisher Forbes, where digital skimming software was injected onto their websites after a third-party vendor was compromised, as well as the Atlanta Hawks online store and, more recently, the booking websites of two chain-brand hotels.

Moreover, one in five Magecart-infected stores are re-infected, as seen with luxury mattress company Amerisleep, which was originally breached by Magecart in 2017 and was attacked again in December 2018, and a third time in January 2019.

“Now’s a good time to take a close look at what you’re doing if you’re doing business or you’re selling stuff online; it’s a good time to think about that,” said Krebs.

The value of CVV and dump data shows no signs of slowing down, and with attacks on ecommerce websites rising, ensuring that your customers’ payment information is protected should be a priority to avoid the impact of a data breach. Get in contact to learn how the Ensighten website security solution will protect your website from the growing threat of Magecart and other digital skimming cyberattacks.