UK government security experts have been forced to notify over 4000 domestic online businesses that their websites were infected with digital skimming code.
The National Cyber Security Centre (NCSC), a GCHQ agency, had notified 4151 compromised online shops by the end of September. Most of these were exploited via a known bug in the popular Magento e-commerce software.
The NCSC argued it was particularly important that digital retailers get their house in order ahead of the busy festive shopping period, which begins at the end of this week with the Black Friday weekend.
“We want small and medium-sized online retailers to know how to prevent their sites being exploited by opportunistic cyber-criminals over the peak shopping period. Falling victim to cybercrime could leave you and your customers out of pocket and cause reputational damage,” said NCSC deputy director for economy and society, Sarah Lyons.
“It’s important to keep websites as secure as possible and I would urge all business owners to follow our guidance and make sure their software is up-to-date.”
The compromised sites were found by the NCSC’s highly successful Active Cyber Defence program, which proactively looks to remove malicious sites and tackle scams before they can impact large numbers of consumers.
It resulted in the take-down of 2.3 million cyber-enabled “commodity campaigns” last year, including hundreds of phishing campaigns using NHS branding and scores of malicious apps.
The NCSC’s actions highlight the continued threat from digital skimming groups such as those filed under the umbrella term “Magecart.”
These groups struck global targets frequently in 2019 and 2020, but little activity has been reported this year. In September 2020, for example, around 2000 stores running Magento were attacked in a single weekend, the most extensive recorded campaign of its kind up to that point.
The British Retail Consortium has developed a Cyber Resilience Toolkit for retailers in partnership with the NCSC.