How to protect the enterprise from the growing Magecart threat vector
Cyber security experts believe that Magecart threat actors have been around since 2015, however the group really surfaced through an initial discovery in June 2018 when Ticketmaster was attacked. Since then, the group has stepped up its game with more sophisticated and pervasive attacks, while doing a good job at covering up its tracks.
According to award-winning security blogger, researcher, podcaster and public speaker Graham Cluley, there have been reports that close to 50,000 online stores have been compromised by this threat so far. In fact, in the last six months, British Airways, Feedify, Umbro, Vision Direct, Newegg, BevMO and most recently, Titan Manufacturing and Distributing have all revealed that they have been compromised by Magecart.
And while your company may have security in place to prevent hackers from successfully breaking into your systems, with a Magecart-style attack, they haven’t directly compromised your IT infrastructure. Instead, they have poisoned a third-party script used by your website. “It’s equivalent to poisoning a water supply upstream from where it’s being drunk,” he says.
Take Preventative Measures
Prevention approaches not only help to secure the organization, but are required for data control as defined by regulatory compliance (like GDPR). That is why on February 27th, Cyber Security Hub will host a web seminar which will tap into the expertise of Cluley and present various preventative approaches including:
- Content Security Policy
- Monitoring & Detection
- Vendor Due Diligence Assessments
- Restricting the Usage of Third-Party Tools