TalkTalk Cybersecurity Attack: Downstream Attacks Imminent
Posted October 26, 2015
4 million TalkTalk customers’ data is at risk after a “significant and sustained” cybersecurity attack– including names and addresses, dates of birth, email addresses, telephone numbers and even credit card & bank details.
TalkTalk are currently experiencing the initial pain of suffering a serious cybersecurity breach: Brand damage, plummeting share prices, damaged customer relations, costly remediation… and even ransom demands! However companies across the land will need to be on high alert, as this data will most likely end up on a darknet site for fraudsters to use beyond TalkTalk.
As the world has moved online, business are completely dependent on digital authentication in order to transact and interact with their customers. As a result, digital credentials have become a new currency. Telcos such as TalkTalk- who have suffered three public data breaches this year alone- are now as high a target for cybercriminals as financial institutions have traditionally been. Telcos process and store a great deal of personal data and the black market price for this stolen data is high.
Every time another major organization such as TalkTalk is hacked, more fragments of leaked digital IDs can be pieced together by attackers. It becomes increasingly difficult for companies to distinguish the good customer from the fraudster using stolen credentials.
Stolen data will be used to attack banking and e-commerce sites throughout the land- via payment fraud, fraudulent account creation and account takeover attacks. Cybercriminals employ crimeware tools to cloak their identity and location whilst using botnets to run large-scale attacks, looking to penetrate the fraud defenses of target organizations using this stolen information.
When organizations who transact and interact with their customers online rely purely on static credentials to authenticate their users, they are likely to fall victim to fraud using stolen identity credentials in the wake of large-scale breaches such as at TalkTalk.
It is imperative that banks and online businesses fully verify a customer’s true digital identity, employing context-based authentication using a range of factors such as device ID, malware detection, location and behavior analytics- versus malicious activity where fraudsters mask their true identities, access multiple accounts from one machine, hide behind proxies and falsify their locations.
There is a wide range of factors that make up an individual’s digital identity and by analzying and understanding this, in real-time, organizations are able to not only keep the bad guys out, but also quickly recognize true returning customers and facilitate a smooth user experience.
The danger of the number of high-profile attacks that we are currently seeing is that as a result companies worried about downstream fraud demand onerous login and authentication processes before they can interact and transact with them. However, the burden of proof should not lie with users. Organizations should be embracing next-generation authentication to keep the fraudsters out- without impacting to user-experience.