Many Pieces of a Puzzle: Target, Neiman Marcus and Website Hacking

Website Malware

Corporations get hacked all the time. This is not news to anyone in the security business, but it has certainly received a lot of attention from those in the media over the last few weeks because of a couple of large-scale credit card events at both Target and Neiman Marcus.

For the average person, website security and credit card hacking are nebulous and difficult to understand. It seems like something for other people to worry about. However, this is a dangerous way to think about these problems. As these cases have illustrated, everyone has a stake in keeping websites and credit processing tools clean. Hackers don’t seem to care if you’re likely to never be defrauded.

When Malware Gets Personal

However, as NPR has noted, the threat becomes much clearer when seventy million people can have their credit card information compromised. With that many people compromised, it’s likely that most people know someone who was affected. All of a sudden, hackers don’t seem like someone else’s problem. The specifics of the Target and Neiman Marcus breaches involved point of sale credit card purchases.

The more important takeaway from these events is that hackers will attempt to exploit any part of a business unit that is not defended well enough. The challenge for every business from Target to small and medium-sized businesses is that any loss in consumer confidence can directly translate to a loss in sales. Target and Neiman Marcus will weather this storm because they have the resources to do so. The question is; could your business do the same?

Corporate Attacks

Hackers have built a variety of weapons with which to attack corporations. Sometimes, as with the recent hack of PayPal and Ebay’s UK site, they’re part of an organization of hacktivists with goals other than profit. Sometimes hackers want access to corporate information and, by extension, those who purchase from those sites (and their brick and mortar locations). Still other times, their goal is to place malware onto your site so that it can infect customers’ computers or other websites (a mesh network). As people coming to your site become infected, these malicious viruses actually endanger your business because Google, Bing and Yahoo may blacklist your website.

In Conclusion

In essence, it’s up to you to create a virtuous circle with your website. In order to insure that you keep customers coming to your site, those people need to be confident that it’s safe to do so. This is why it’s important to proactively defend your domain.

If you are worried that your site may already be infected, we have tools to help you scan your website and clean up any malicious code. If your site hasn’t been hit with malware, let us proactively protect your website by keeping cyber hackers at bay before they can harm your business.

About David Dede

David Dede is a Security Researcher at Sucuri. He spends most of his time dissecting vulnerabilities and security issues. You won't find him on Twitter because he is paranoid about privacy.

  • Gerry Stephenson

    We have been using your protection tools for the last two years I believe due to a (luckily) minor hack. That you removed withing a couple hours. Awesome company. Thank you

Share This