
The Data Breach is Over... let the Phishing Begin!

Melissa Stevens | November 10, 2014

Last week it was revealed that more than 53 million email addresses were stolen as part of the Home Depot breach discovered last September. Combined with the 76 million email addresses stolen in the JPMC data breach in June, we're talking about more than 125 million email addresses available for cyber criminals to use in highly targeted email phishing scams.

But are breach-wary consumers and businesses still paying attention to this news? Are they aware of the risks they still face even as the breach itself has been contained? 

Caution & Confusion

Communications from the breached organizations have been somewhat vague. Victims are being emailed and told to be on the lookout for suspicious emails that look like they could be coming from the organization. Victims are also being told the risk is low that they will be targeted, and corporate communications have also indicated that not all people whose information may have been compromised will be contacted.  

A tweet from Bob Rudis sums up the confusing situation nicely:

[Image: tweet from Bob Rudis]

It's not just consumers who are at risk

If businesses think this is only a consumer issue, they need to think again.

Phishing continues to be a very successful attack vector for hackers. The 2014 Verizon Data Breach Investigations Report found that nearly 67% of breaches were carried out through phishing. With the information stolen from these breaches, criminals now have access to multiple data points on customers whom they can target with highly personalized, authentic-looking email campaigns.

But attackers aren't just after account log-in details in these campaigns. Often, they are also installing malware that can then steal information and credentials from a machine, and possibly infect an entire network. The risk to businesses in this scenario lies not in being targeted by the attackers directly, but in the behaviors of their employees on network-connected devices. One simple point to think about: how often do your employees check personal email on a work machine?

Even if a business believes that all of its staff are well informed and capable of spotting a phishing scam, how confident can it be in its third-party suppliers and partners? Both the Target breach and the Home Depot breach serve as examples of the importance of vendor risk management. All it takes is for one employee or vendor to be fooled by one of these campaigns, and your information is placed at risk. The attackers know this, but are your employees, vendors and suppliers aware?

The not-so-simple truth

Besides better training and awareness programs, what this all points to is the need for rapid identification and response when it comes to detecting a potential breach. The 2014 M-Trends Report from Mandiant found that the median dwell time for an attack was 229 days in a network before it was discovered! They also found that only 33% of attacks were discovered by the breached organization.

All of the breaches highlighted in this blog post went undiscovered for months. And two were breached through a weakness in a third party's network.  To avoid becoming the next victim, organizations need to be more vigilant in monitoring their entire information supply chain and knowing what security risks are emerging across the extended enterprise. The risk from phishing and other attack vectors is real, and we need to be prepared to identify and respond to attacks before they can cause the massive amounts of damage we are becoming so tired of hearing about.
