Hackers have breached the Google Cloud infrastructure of Volusion, a provider of cloud-hosted online stores, and are delivering malicious code that records and steals payment card details entered by users in online forms (also called a Magecart or web skimming attack). More than 6,500 stores are impacted, but the number could be even higher at 20,000, according to ZDNet.
Attacks like this often target misconfigured Amazon Web Services accounts. The Volusion incident is allegedly the first one traced back to Google Cloud.
To understand the implications of the attack, Digital Journal spoke with Eve Maler, vice president of innovation and emerging technology at ForgeRock.
According to Maler, the attack has wide implications because of the potential number of people affected: “While 6,500 or 20,000 stores may have been compromised in the Volusion Magecart attack, the number of customers who have entered their information into the individual stores’ hacked online payment forms is scarily unknown and could be in the thousands.”
She notes that to minimize the impact of such attacks in the future, companies need to do more in terms of security: “This attack further underscores the need for companies utilizing public cloud storage to severely up their security efforts. Many companies understand the benefits of leveraging the public cloud but don’t often consider the security implications that come with it.”
She indicates that there is a weakness around defining cybersecurity responsibilities: “Cloud security is a shared responsibility between the cloud service providers and the organizations that use them. However, it is still the organization’s responsibility to secure its own data.”
For businesses specifically, Maler says they need to take note of new technologies: “Companies should consider investing in modern identity access management (IAM) tools to protect their cloud-based platforms from bad actors to prevent security incidents like this one. With IAM technology, companies can safeguard their database with intelligent, contextual and continuous security that demands identity validation, like two factor authentication or multi-factor authentication, after detecting abnormal behavior.”
