There’s FOMO (Fear of Missing Out) and then there’s FIM (File Integrity Monitoring). You do not want to miss out on understanding what FIM is all about and why the FBI (Federal Bureau Of Investigation) is concerned.
The FBI Cyberdivision recently released a Flash Report reporting that cyber actors are unlawfully scraped credit card data from US business’ online checkout pages. These bad actors have also been injecting malicious PHP Hypertext Preprocessor (PHP) code into commerce websites’ checkout pages. The scraped data has been sent to an actor-controlled server that spoofed a legitimate card processing server.
To mitigate the threat these actors pose by compromising US business online checkout pages to steal credit card information, the FBI recommends that companies with checkout pages:
- Update and patch all systems, to include operating systems, software, and any third party code running as part of your website.
- Change default login credentials on all systems.
- Monitor requests performed against your e-commerce environment to identify possible malicious activity.
- Segregate and segment network systems to limit how easily cyber criminals can move from one to another.
- Secure all websites transferring sensitive information by using secure socket layer (SSL) protocol.
In addition, I suggest running File Integrity Monitoring (FIM) technology to monitor and detect any file changes that could indicate a cyberattack. Also known as change monitoring, FIM examines files to see if and when they change, and by how and who.
If you are running a website, especially one which transacts funds, and if you do not have File Integrity Monitoring (FIM) implemented, I do not want to shop on your website. Furthermore, you are going to get pummeled by bad actors because you do not have your house in order!
It’s fascinating to me when a business has card data compromised while battle tested measures could easily have been put in place. Understanding the technical controls your organization and associated Nth parties have in place to defend against fundamental attacks is an imperative in the world of ecommerce.