Thursday, December 22, 2016

A Christmas cyber-carol

The report of the week

Once upon a time, there was a grumpy and greedy old man who hated Christmas. He didn’t like cyber security either and when his neighbours, with their best intention, told him to be careful with ransomware, phishing and malware at this time of the year, he put on his coat angrily, took his stick and went away grumbling: “Cyber-humbug!”. That gentleman’s name was Ebenezer Scrooge. 

On Christmas Eve, three ghosts visited him in his bedroom: the Ghost of Christmas Past, the Ghost of Christmas Present and the Ghost of Christmas Yet to Come. Each one carried a specific mission, but the three of them shared a common purpose: to open his eyes and make him discover the dangers and all the things he could lose because of his stubbornness.

Kindly and in a friendly way, the Ghost of Christmas Past showed Mr. Scrooge a study conducted by SecurityScorecard entitled: ‘Biggest Holiday Retailers’, which analyzed the common behaviour and vulnerabilities of the largest stores in the North American market at Christmas shopping time. Among the brands you could see Walmart, Amazon H&M, BestBuy and Target.

The old man opened his eyes astonished when he discovered that 100%, that is to say, the totality of the biggest holiday retailers were found to have multiple issues with domain security, which increases the risk of hackers impersonating a retailer’s site and falsifying a payment form to get users’ credit cards information. “Beware of phishing”, the Ghost warned the old man when saying goodbye. But before leaving he gave him 8 tips from Kaspersky Lab to make online shopping much safer.

At 2 o’clock, the ghost of Christmas Present appeared in his bedroom, willing to continue the narration of the report, although Scrooge didn’t want to hear any of it. Nevertheless, the gentleman discovered that more than 90% of those retailers had an SPF record missing, which increased the risk of email spoofing attacks reaching consumers, while 80% were not using intrusion detection systems to monitor all the traffic.

Suddenly, everything went dark. It was the turn of the Ghost of Christmas Yet to Come, who described how the 83% of the biggest holiday retailers had unpatched vulnerabilities in their networks, and that 43% of them had been infected with malware that year. At that pace, the future seemed even darker. That’s why, the protagonist of our story promised to change and listen to his neighbours when they told him to be cyber-cautious.

The next morning, Mr. Scrooge felt like a new man. Apart from giving gifts to his closet friends and also strangers, he watched over the online purchases of others and warned them about the maliciousness of malware, adware, phishing and ransomware. Like him, anyone can learn how to protect their devices and safeguard their purchases at Christmas, and at any other time of the year. Happy Holidays to you all!

Image source: A Christmas Carol


Post a Comment