Canadian retailers need to be vigilant in the face of an expected upswing in security breaches during the online shopping madness of Cyber Monday, according to a cybersecurity expert.
Retailers will want to ensure their existing security systems are up to snuff and they should perform updates on their periodic vulnerability tests if there is any doubt, says Raymond Vankrimpen, a partner at Richter Advisory Group Inc. in Toronto.
"They should make sure they have done recent vulnerability testing on their e-commerce platform," he said.
Cyber-attacks to obtain payment card and personal customer information for use in fraudulent purchases and identity theft are rising dramatically.
Among the more high-profile incidents recently reported are security breaches at 395 Dairy Queen stores and the theft of 56 million records at Home Depot.
A 2014 study by the Ponemon Institute that evaluated security-breach costs in the retail sector indicated that the cost is $105 per stolen record.
With the average size of a breach at about 30,000 records, the average cost of a cybercrime for the retailer is about $3.15-million.
Most cyber attacks in the retail sector fall into three patterns, according to Richter, citing data from Verizon's 2014 Data Breach Investigations Report:
• Denial of service: attackers use an army of botnets to compromise the availability of networks and systems; motives could include so-called "hacktivists" making a point, organized crime demanding ransom, or the masking of other hacking attempts
• Point-of-sale intrusions: remote attacks on systems handling payment card data; the information can be used on forged cards or for fraudulent transactions, or for identity theft
• Web application attacks: obtaining payment card information through phishing, brute force or other tactics
Canadian retailers would benefit from joining together and sharing cybersecurity intelligence, following the lead of the U.S. National Retail Federation, Mr. Vankrimpen said.
"It would be good to see something like that in Canada."
Smaller retailers who can't afford in-house cybersecurity operations or hiring an expensive outside firm might look into shared-pool managed security services that offer a single security operations centre for different clients, he said.
"Sharing intelligence makes sense," said Mr. Vankrimpen.