“The interesting thing about this attack on Ticketmaster was that it was another supply chain attack. Here, Ticketmaster was using a plugin from a third-party supplier on their website which was compromised. NotPetya demonstrated the potential these kinds of attacks have, and yet they are still happening. Simply put, business needs to step up its game.
At home rather than abroad we have already seen this: the ICO and their text-to-speech plugin, national newspapers and property plugins, and we will undoubtedly see more of this in the future. So how can businesses combat it? A good start would be to stop focusing on knowing thy enemy and start to work on knowing thyself – and I mean really know thyself. Know your entire attack surface, know your risk model, and understand which risks external parties may introduce if using their plugins. Here the risk was added on using external parties hosting customer support software.
“From a user’s perspective, consumers should also appreciate that when you connect to a website, you have code running from a number of organisations on your web browser – as such you shouldn’t store personal details in the open in text files or even in documents on your device. Instead think of using password vaults to store personal information and bank details. This said, the worry here is that the malware embedded within the customer support application did exactly that. Ultimately however, all consumers should assume that at some stage there may be an issue with their details, so having monitoring in place to monitor credit history and financial activity on the web is advisable.”
Etienne Greeff, CTO and Co-founder, SecureData