Dragon News

Dragon News

An inside look at the world of Team Cymru. Cybersecurity tools, tips, news and views.




Dragon News

Industry Threat Focus: Retail

Jenny O'ConnellJenny O'Connell

With Black Friday and Cyber Monday safely in the bag, retailers are probably looking forward to a few more weeks of brisk trade in the run up to Christmas. Then just over the horizon, mince pie fueled Boxing Day and January sales – for all the things Santa just couldn’t quite fit in his sleigh.

But despite the ringing cash registers, retail bosses can’t relax with a Yuletide tipple just yet. For where there’s money, there’s cybercrime, and the criminals don’t take a break for the holidays.

Toy sellers have particular cause for concern following the breach of VTECH, makers of the Kidizoom smartwatch and InnoTab Tablet, which may have exposed information relating to over 6 million children.

And the security woes don’t end there for smart-playthings. We’ve discussed the risks surrounding Hello Barbie, Mattel’s latest iteration of the iconic doll, previously. But now researchers claim to have discovered specific vulnerabilities related the toy

Even the process of charging customers for their questionably secure goods can be risky, as Target learnt back in 2013. The company has now agreed to pay up to $39m in relation to the breach.

Point of Sale threats, like the one that hit Target, haven’t stayed still either. Trend Micro recently reported on Operation Black Atlas, a campaign utilizing a range of tools, including the BlackPOS malware.

Here’s hoping that everyone involved in the retail industry has a safe and happy holiday season, but stay vigilant – we don’t want Christmas to come early for the crooks.


Photo Credit: Magnus_Manske, under Creative Commons