On top of a challenging economic year, retailers, e-tailers, and their customers face a growing threat this holiday season: the rise in cyberattacks. While businesses have lived with this threat ever since the birth of online sales, this season will be different for several reasons.
Our cursory scans of the Top 30 U.S. Retailers' external attack surfaces revealed that 83% have a potential attack surface vulnerability that could lead to a breach. The following is what we discovered about these organizations, in the middle of the all-important holiday shopping season.
In order to limit their exposure to Covid-19, consumers have increased their e-commerce purchases. In the first half of 2020 online purchases spiked by roughly 30% (US Census Bureau). The holiday season will likely exacerbate this trend.
Prior to Covid-19, the Retail industry as a whole was heavily investing in Digital Transformation initiatives to improve their customers' experience. According to BDO's 2020 report on Retail Digital Transformation, cybersecurity is a top priority for these initiatives.
In preparation for this blog post we used Cyberpion’s Security platform to perform a single pass, external scan of the external attack surfaces of the Top 30 U.S. Retailers, including names such as Walmart, Amazon, Kroger, Costco and more. Our goal is to understand this industry as a whole in order to provide insights and benchmarks that may help all retailers when investing in cybersecurity solutions. For a more detailed explanation of what online ecosystems are, please read more here.
Retailers, especially online retailers, are likely to run substantial online infrastructures spanning multiple domains and sub-domains (consider the need for language-, region-, brand-, product- and mobile-app-specific sites), which in turn incorporate hundreds, if not thousands, of connections to third-party providers for tracking, behavior, analytics and advertising services. Those third-party providers are in turn connected to additional providers that assist in their service provisioning. Ultimately, these connections lead to thousands of JavaScript, image, and font resources. Every one of these elements, connections, and pieces of infrastructure is a possible attack vector.
When you understand that a vulnerability could be hiding anywhere within this external attack surface of domains, resources, connections and cloud instances, you can see how challenging it is to understand your risk. The security team must not only discover every element within the attack surface, it must then assess the potential risk within each element. Fortunately, this is the challenge that Cyberpion answers with ease. We provide external attack surface visibility and mapping of third-party connections, as well as constant risk assessment of these connections.
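To make the first of those two steps concrete, here is an added example (not Cyberpion's platform code and not from the original post) of the most basic discovery pass a retailer's security team can run themselves: given one page's HTML, inventory every third-party origin that a script, stylesheet, font, image or frame is loaded from, and flag scripts and stylesheets that are pulled from a third party without Subresource Integrity, since those are the resources whose compromise at the provider executes inside the retailer's own origin. The HTML and all hostnames below are constructed for the example (`shop.example`, `cdn.example`, and so on are placeholders, as is the integrity value).

```python
"""Added example, not Cyberpion's code: a static, first-pass inventory of the
third-party connections a single page creates, plus an SRI check on the
resources that carry code or style into the page's origin.

Everything in SAMPLE_HTML is constructed for this example; the hostnames are
placeholders, and the integrity value is a placeholder rather than a real hash.
"""
from collections import defaultdict
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Constructed sample page for a hypothetical retailer, shop.example.
SAMPLE_HTML = """
<html><head>
<link rel="stylesheet" href="/static/site.css">
<link rel="stylesheet" href="https://fonts.example/css?family=Roboto">
<link rel="preload" as="font" href="https://fonts.example/roboto.woff2" crossorigin>
<script src="https://cdn.example/jquery.min.js"
        integrity="sha384-PLACEHOLDER" crossorigin="anonymous"></script>
<script src="//tag.analytics.example/t.js"></script>
<script src="/static/app.js"></script>
</head><body>
<img src="https://images.shop.example/hero.jpg">
<iframe src="https://ads.adnetwork.example/frame.html"></iframe>
<img src="/static/logo.png">
</body></html>
"""

# Resource kinds that execute or are interpreted in the page's origin; these are
# the ones where a missing integrity attribute matters.
SRI_RELEVANT = {"script", "stylesheet"}


class ResourceCollector(HTMLParser):
    """Collects (kind, url, has_sri) for every tag that triggers a fetch."""

    def __init__(self):
        super().__init__()
        self.resources = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)  # boolean attributes such as crossorigin map to None
        if tag == "script" and a.get("src"):
            kind, url = "script", a["src"]
        elif tag == "link" and a.get("href"):
            rel = (a.get("rel") or "").lower().split()
            if "stylesheet" in rel:
                kind = "stylesheet"
            elif "preload" in rel and (a.get("as") or "").lower() == "font":
                kind = "font"
            else:
                return  # preconnect, icon, canonical, ...: not a content fetch we track
            url = a["href"]
        elif tag in ("img", "iframe") and a.get("src"):
            kind, url = ("image" if tag == "img" else "frame"), a["src"]
        else:
            return
        self.resources.append((kind, url, "integrity" in a))


def third_party_inventory(html, first_party_host):
    """Map each third-party host to the resources fetched from it.

    Relative and protocol-relative URLs are resolved against the first-party
    origin; the first-party host and its sub-domains are treated as the
    retailer's own assets and left out of the third-party map.
    """
    parser = ResourceCollector()
    parser.feed(html)
    inventory = defaultdict(list)
    for kind, url, has_sri in parser.resources:
        absolute = urljoin(f"https://{first_party_host}/", url)
        host = urlparse(absolute).hostname or ""
        if host == first_party_host or host.endswith("." + first_party_host):
            continue
        inventory[host].append((kind, absolute, has_sri))
    return dict(inventory)


def unpinned_third_party_code(inventory):
    """URLs of third-party scripts and stylesheets loaded without SRI."""
    return sorted(
        url
        for items in inventory.values()
        for kind, url, has_sri in items
        if kind in SRI_RELEVANT and not has_sri
    )


if __name__ == "__main__":
    inv = third_party_inventory(SAMPLE_HTML, "shop.example")
    for host, items in sorted(inv.items()):
        print(host)
        for kind, url, has_sri in items:
            print(f"  {kind:<10} {url}  sri={'yes' if has_sri else 'no'}")
    print("unpinned code/style from third parties:")
    for url in unpinned_third_party_code(inv):
        print("  ", url)
```

This only sees what is visible in the static HTML. Fonts pulled in by CSS `@font-face`, and the second-level providers that the analytics and advertising scripts themselves load at runtime (the chain the paragraph above describes), only appear when the page is actually rendered, which is why a one-time static pass undercounts and a crawl that executes the page and records network requests finds more. The result is also only the discovery step; deciding which of those hosts are exploitable (an expired domain behind a CNAME, an abandoned cloud bucket, an outdated library on a CDN) is the assessment the post goes on to describe.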
Note: The following findings come from a one-time vulnerability assessment on the public-facing assets of these organizations. A deeper and continuous scan of these infrastructures would likely indicate MORE vulnerabilities.
CRITICAL VULNERABILITIES:
Cyberpion discovered that nearly a quarter (23%) of the top 30 U.S. retailers have at least one COMPROMISED ASSET under the control of hackers, not the retailer.
Cyberpion discovered that nearly one-third (30%) of the top 30 U.S. retailers have an asset that was ABUSED or is STILL UNDER ABUSE as part of a global hacking campaign.
Cyberpion discovered that nearly half (43%) of the top 30 U.S. retailers have a vulnerable asset that COULD BE exploited and represents an immediate risk.
Cyberpion discovered that most (83%) of the top 30 U.S. retailers have connections to a VULNERABLE third-party asset.
While the scope of this blog post doesn't cover the nature and potential damages that these vulnerabilities could represent for these retailers and their customers, the risks and damages are very real. The third-party assets and infrastructures that your organization connects to represent a growing and significant part of your external attack surface.
The impact of Covid-19, the trend of Digital Transformation, and the rise in online purchase for this holiday season will only increase the likelihood that these vulnerabilities will be discovered and exploited by today’s threat actors.
While we've used the Top 30 U.S. retailers for this post, external attack surfaces, and their inherent vulnerabilities, are not limited to U.S.-based, large, or retail organizations. In this era of hyper-connected online infrastructures it is likely your organization has a vulnerability hiding in its attack surface. If you are a cybersecurity representative of your organization (of any size), we encourage you to contact us to get a free single-pass scan of your external attack surface.
Request a free hyper external attack surface scan today.