Trustwave SpiderLabs Uncovers Critical Cybersecurity Vulnerabilities Exposing Manufacturers to Costly Attacks. Learn More

Trustwave SpiderLabs Uncovers Critical Cybersecurity Vulnerabilities Exposing Manufacturers to Costly Attacks. Learn More

Managed Detection & Response

Eradicate cyberthreats with world-class intel and expertise

Managed Security Services

Expand your team’s capabilities and strengthen your security posture

Consulting & Professional Services

Tap into our global team of tenured cybersecurity specialists

Penetration Testing

Subscription- or project-based testing, delivered by global experts

Database Security

Get ahead of database risk, protect data and exceed compliance requirements

Email Security & Management

Catch email threats others miss with layered security & maximum control

Co-Managed SOC (SIEM)

Eliminate alert fatigue, focus your SecOps team, stop threats fast, and reduce cyber risk

Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
The Trustwave Approach
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Platform
SpiderLabs Fusion Center
Security Operations Centers
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

How to Stay One Step Ahead of Retail Hackers

They are glorified in Hollywood as unbeatable masterminds, and ubiquitous in real-world headlines for bringing down household retail brands. No one doubts that hackers are the smart guys, but are they the smartest? Perhaps the better question is: Is it even possible to stay one step ahead of them in the fight against cybercrime?

It's a no-brainer why adversaries target retailers: They hold and process vast amounts of financial information about customers. Advisory firm Quocirca recently found that 70 percent of European merchants admit they've been targeted by attackers, with 45 percent of those attempts successful and a third of them resulting in data loss.

According to the 2015 Trustwave Global Security Report, 43 percent of our data breach investigation caseload were in the retail industry, including brick-and-mortar and e-commerce websites.

It isn't an unbeatable war though. Retailers can and do survive cybercrime. How did they get back to business as usual so fast? Because they were protected by intelligent systems developed by experts who knew how to outsmart the hackers.

Cybercrime fighters (the good guys in Hollywood movies) know how to think like the criminals, which is why they win more than they lose.

But how do ethical hackers develop solutions that can outsmart malware not yet seen. Specialist companies like Trustwave draw on first-hand experiences from the field. The unique research they have amassed - from examining billions of security events, tens of millions of web transactions, millions of network vulnerability scans, and thousands of penetration tests - builds an incredible picture of how hackers behave, and can reliably predict what they're likely to try next.

Look For Vulnerabilities Like a Hacker Would

It's one thing to know your enemy, but how well do you know your own system and processes, end to end? Hackers leverage that lack of big-picture understanding to their advantage. There's a good chance they already know your system better than you do if they've decided to target you.

Hackers are always looking for new ways to compromise systems, sometimes via unexpected channels. 98 percent of the applications we tested were vulnerable to an attack, with a median of 20 vulnerabilities found per application.

This is why it's critical that either your own staff, or an outside expert, looks at your system and processes for weaknesses in the same way a hacker would. This enables you to develop a strong, unified security strategy that is prepared for attack from every angle.

Adopt a Multi-Layered Defense Strategy

A unified, multi-layered strategy doesn't just build a firewall around your database. It goes much further to protect you and your customers from risk by considering every aspect of an attack. It will manage threats to your email security, network, website, applications and content, and will prevent and detect intrusion. It will minimize damage, maintain compliance and install a fast recovery procedure. Finally, it will guard every entrance, responding to threats instantly.

Remember, knowledge is power. The intelligence exists to outsmart the hackers over and over again, and the good guys can, and do, win.

Jane Dotensko is Trustwave marketing manager in EMEA. 


Latest Trustwave Blogs

Unlock the Power of Your SIEM with Co-Managed SOC

Security information and event management (SIEM) systems play a pivotal role in cybersecurity: they offer a unified solution for gathering and assessing alerts from a plethora of security tools,...

Read More

Trustwave SpiderLabs: LockBit 3.0 Ransomware Most Common Malware Used to Attack the Manufacturing Sector

As the manufacturing sector continues its digital transformation, Operational Technology (OT), Industrial Control Systems (ICS), and Supervisory Control and Data Acquisition (SCADA) are becoming...

Read More

Trustwave’s Observations on the Recent Cyberattack on Aliquippa Water Treatment Plant

The attack last week on the Municipal Water Authority in Aliquippa, Penn., that gave threat actors access to a portion of the facility’s pumping equipment has spurred the Cybersecurity &...

Read More