Preventing Cyberattacks in 2018 Part II

Ransomware and DDoS Attacks

For merchants trying to combat cyberattacks on their business, one of the top concerns is ransomware—a hacking attack that holds a computer hostage until the merchant pays a “ransom” Last year, hundreds of thousands of computers were affected by the WannaCry ransomware attack—which exploited a vulnerability first discovered by the National Security Agency—including hospitals and banks. This year, researchers expect ransomware attacks to get “stealthier.”  

Main Content

Preventing Cyberattacks in 2018 Part II

Feb 19, 2018

Preventing Cyberattacks in 2018 Part II

Ransomware and DDoS Attacks

For merchants trying to combat cyberattacks on their business, one of the top concerns is ransomware—a hacking attack that holds a computer hostage until the merchant pays a “ransom” Last year, hundreds of thousands of computers were affected by the WannaCry ransomware attack—which exploited a vulnerability first discovered by the National Security Agency—including hospitals and banks. This year, researchers expect ransomware attacks to get “stealthier.”

“That’s because hackers are coming up with ransomware attacks that are harder for consumer security products to detect,” notes cnet.com. “Instead of running files on your computer that your antivirus can flag as malicious, hackers will rely more on code that looks legitimate because it runs in programs like Microsoft Word.”

Making matters worse, “security researchers expect new ransom-as-a-service platforms will be available on the dark web, making [it] very easy for wannabe crooks to arrange their ransomware campaigns,” predicts the InfoSec Institute adding that the authors of ransomware will likely focus more of their efforts on attacking mobile devices.

Meanwhile, small business owners still need to be vigilant about protecting themselves from malware, worms, and viruses, which 60 percent of respondents to AT&T’s Global Cybersecurity Insights survey still regard as their biggest concern.

DDoS Attacks

The other major trend to pay attention to in 2018 is an expected rise in the number of “super-charged” distributed denial of service (DDoS) attacks, which will be enabled by the poor (or non-existent) security of Internet of Things (IoT) devices like video cameras, baby monitors, “smart” door locks, and wireless routers. In a DDoS attack, a hacker targets a Web server with the intention of disrupting service, sending the targeted server so many requests that it can no longer respond to legitimate traffic or responds so slowly that it effectively becomes non-functional.

“…IoT-based DDoS attacks are likely to grow in both bot size and traffic volumes as they continue to utilize poorly secured IoT devices,” offers CSO. “There will be millions of such vulnerable devices installed for years to come, with many device manufacturers only now starting to offer hardened versions of their products.”

Preventing Cyberattacks

Cyber criminals are always looking for low-hanging fruit, and merchants that haven’t taken precautions to safeguard their business, could be a very attractive target. Know too that the damage incurred from, say, a DDoS attack can be substantial. AT&T’s Global State of IT Security survey identifies the top four effects from cybersecurity breaches as: operational impact (39%), downtime (37%), damage to reputation (25%) and loss of revenue (24%).

For all of those reasons, merchants should make certain to update their systems—including their operating system, antivirus software, web browsers and firewalls—in a timely fashion. And, even though it may be just white noise at this point, merchants need to use strong passwords that utilize letters, numbers, and other symbols. And as a precaution, don’t use the same password for all of your accounts.

Keep in mind, too that employees are a risk factor. In many cases, criminals will get inside a network thanks to an employee clicking on a link in an email or using a weak password. Businesses need to keep abreast of the latest scams and phishing attacks and train employees to be aware of the scams as well.

Smart merchants will remember to backup data on a regular basis (which will minimize worries about ransomware) and develop a formal incident response plan in the event that the business falls victim of a cyberattack. With that in mind, merchants may also want to consider hiring a security expert/ethical hacker to try to identify weaknesses in their systems. This effort to harden systems may be a significant expense, but it could save money—not to mention unending frustration—at some point down the road.

For merchants with e-commerce sites, the store should have a SSL certificate and consider the following;

  • Set up a system alert that is triggered by suspicious transactions (multiple orders coming from the same IP address, multiple orders from the same address, etc.)
  • Monitor traffic and set up an alert that is triggered if suspicious traffic activity is detected
  • Paying attention to security alerts issued by the card brands

For more information on how to protect your business from cyber criminals, and learn more about TSYS’ suite of security solutions, including encryption and tokenization, that can help protect your business from cyberattacks and data breaches, call us at 1.888.845.9457.

Contact Us
About Our
Merchant Services

Get your Free Quote, Now!

After you have submitted your information, a TSYS representative will contact you.

All fields are required to submit form. Your information is private and secure. We do not accept adult businesses

Customer Support Form