Online Retailers at Increased Risk of Breach

Cybercriminals increasingly are targeting online merchants due to the greater vulnerability of card-not-present transactions. France-based computer hardware retailer LaCie, for example, says its website was subject to a malware attack that went undetected for a year. Javelin Strategy & Research analyst Al Pascual notes “online retailers have neither the oversight of a feared regulatory regime, or the budgets, to match” the safeguards of the broader financial industry. He says e-commerce transactions should use dynamic authentication or tokenization, similar to what chip cards pledge to provide for card-present transactions. Marble Security’s Dave Jevans observes that many online retailers have hesitated to deploy additional forms of user and transactional authentication. Some security experts say the LaCie breach is linked to the exploit of a vulnerability in Adobe’s ColdFusion software.

[divide]

From “Online Retailers at Increased Risk”
BankInfoSecurity.com (04/18/14) Kitten, Tracy