As we discussed in our recent blogs about supply chain risks and ways to mitigate those threats, cyber attacks are becoming more prevalent.
Symantec’s Internet Security Threat Report indicates there’s been a 78% increase in cyber attacks on supply chains, where attackers add malicious code to software to disrupt supply chains and steal data.
A newer and increasingly common attack method is formjacking, which is particularly troublesome for online retailers and eCommerce sites. Formjacking is the injection of malicious JavaScript into a site's checkout or login forms so that whatever the customer types is copied to the attacker as it is entered. The malicious code often arrives through a compromised third-party script that the site loads from a vendor, such as a chatbot, a widget or a payment processor, so the retailer's own servers are never touched.
According to Symantec’s report, an average of 4,818 websites were compromised with formjacking code every month in 2018.
Just one compromised credit card can be sold underground for up to $45. If attackers steal only 10 credit cards from each of those sites, they could earn more than $2 million each month from stolen cards.
Symantec blocked almost 4 million formjacking attempts last year, with most of those coming in the last two months of 2018—the height of online holiday shopping.
In the News: Magecart
Magecart is the formjacking campaign that received the most media attention, because it hit major online brands including Ticketmaster and British Airways.
RiskIQ said Magecart compromised more than 800 e-commerce sites by planting formjacking code in third-party services. In the case of Ticketmaster, the carrier was a chatbot script used for customer support. When customers reached the Ticketmaster payment page, their browsers loaded the tampered chatbot script along with the page, and the malicious code in it copied the card details as they were entered.
With formjacking, it’s not just credit card numbers that are stolen. The same code also gathers up personal data including names, usernames, mailing addresses, phone numbers, email addresses, and more.
SMBs Under Attack
Symantec says it blocks almost 6,500 formjacking attempts each day.
And while attacks on these large companies get a lot of media coverage, small and mid-size businesses are common targets. In 2018, 66% of small businesses experienced a cyber attack, and 58% were successfully breached. Check out this related Assurance blog that highlights some of the key reasons hackers go after small businesses.
Formjacking is an emerging threat for organizations, but it is not the only supply chain threat. Carbon Black’s “Global Incident Response Threat Report: The Ominous Rise of Island Hopping & Counter Incident Response Continues” shows that about half of all cyber attacks today use island hopping, in which attackers do not stop at one network but move between the networks of organizations connected through a supply chain.
Which industries are the most likely targets? The reality is all, but Carbon Black says within 90 days of its report respondents saw:
- 70% of attacks in the financial industry
- 61% in healthcare
- 59% in manufacturing, which was an increase of nearly 18% from the previous quarter
Reducing Impact with Business Continuity
Carbon Black indicates 70% of all attacks involve attempts at lateral movement between networks, so it is important to include all of your vendors, including second- and third-tier suppliers, in your business continuity (BC) planning.
Supply chains no longer consist only of sending and receiving material goods; they also include the electronic exchange of data and services, often through third-party providers. That makes it more important than ever for your BC program to include supply chain resilience that combines cyber security measures, proactive threat hunting and risk mitigation with disaster recovery (DR) and business continuity plans.
So what can you do to help keep your supply chain and operations safe?
Here are a few questions to consider:
- Are your suppliers and vendors part of your overall BC program?
- Have you identified all vendors that are critical to your supply chain and overall operations?
- Have you included digital information suppliers in your vendor review? This could include payment processing sites and tools, human resource management software, and other digital information exchange processes and services throughout your organization.
- When was the last time you conducted vendor risk assessments?
- Do your risk assessments include related tools, people, and processes?
- Do you require that your vendors have BC or DR plans in place to quickly recover from supply chain disruptions or breaches?
- Do your vendors require their supporting suppliers to have BC or DR plans?
- How do you get this information from your vendors and how do you evaluate their resiliency?
- How often do you ask your vendors to update you on the state of the BC program or DR plans?
- How often do you do vendor audits?
- How often do you test your own BC and DR plans to ensure timely and effective remediation from supply chain disruptions?
- If your organization is affected by a cyber breach, do you know how to respond?
Business continuity management software like AssuranceCM can help you get comprehensive visibility into your supply chain by pulling data from multiple systems and programs across your organization into a dashboard where you can analyze and review your core vendors and evaluate their risk.
A strong BC program can also help reduce the overall impact of cyber breaches on your organization including:
- Shortening the time it takes to identify a breach and contain it
- Decreasing the likelihood of additional breaches
- Reducing daily breach costs
- Reducing recovery costs
- Decreasing operational disruptions
- Reducing damage to your business reputation
Want to know more about how your BCM program can help reduce cyber costs? Check out our blog, “8 Ways a BCMP Can (Positively) Impact Cyber Breach Costs.”
Written by Assurance Software
Assurance Software takes your company’s enterprise-wide business continuity and resiliency program to the next level. With Assurance as your go-to partner for continuity and resilience, you can confidently mitigate risk, manage recovery, and safeguard your employees, customers, operations and brands.