Ryanair robbed of £3.3m – but what can the industry take from this latest high profile hack?
6. Use big data to its full potential
Alexon Bell, Compliance Solution Director EMEA & APAC at SAS, said: "The Ryanair hack illustrates the vital need for banks and enterprises to stay one step ahead of the fraudsters. With fraud levels surging around the world, banks are facing greater regulatory scrutiny, as well as the risks associated with damaging publicity from fraud, so the ability to correctly make these split-second decisions – before the fraud occurs – is more important than ever.
"Real-time fraud detection using data analytics is already available, so these kinds of losses are preventable. Unfortunately, many companies are still not using big data to its full potential. Instead, they are effectively opening themselves up to these attacks by relying on manual processes or simple rules-based systems which are no longer adequate detection solutions.
"The funds may be repaid this time, but it should serve as a further wake-up call to all global enterprises that prevention is always cheaper than cure."
7. Adopt a secure breach approach
Paul Hampton, Payment Security Expert at Gemalto, said: "It’s vital for businesses to protect their customers’ data as early in the transaction process as possible by moving to a framework that is centred on the data itself.
"This means adopting a ‘secure breach’ approach to data protection which focuses protecting sensitive data wherever it exists. Rather than focusing on specific points of vulnerability, end-to-end encryption secures data from the earliest possible moment of its capture, ensuring that data remains in an encrypted state consistently until it arrives at the payment gateway.
"However, encryption alone is only part of the solution. Organisations should invest in a standards-based enterprise key management strategy that should include specific methods of limiting access to keys, defining how those keys are issued and distributed, and providing protections for them as they are stored. Without these considerations, keys could be copied, modified or even impersonated by a skilled hacker, who could then access cardholder data.
"Being breached is not a question of "if" but "when". Long term security — as well as business success — will hinge on an organisation’s ability to more comprehensively and strategically manage its security efforts.
"Only by adopting a data-centric approach that leverages the cloud to secure sensitive information across its entire lifecycle, can companies be safe in the knowledge that their data is protected, whether or not a security breach occurs."
8. Educate your employees
Guy Bunker, SVP Products at Clearswift, said: "This just goes to show that businesses have to be extraordinarily careful over even the most obvious of items – like bank accounts, transactions and money. As business processes become ever more complex the opportunity for fraud created through social engineering also increases.
"There was a trend a couple of years ago with fake invoices (or ‘real’ invoices with changes in bank details for direct transfer payment) which were then followed up aggressively in order to get them paid. This appears to be a similar type of attack.
"Training and awareness are key to help employees to understand and recognise this type of threat and then have a process to act accordingly. Furthermore, this education must not be a one-off, it needs to be constantly reinforced, and where possible backed up with policies and technologies in order to reduce the risk."
9. Secure your supply chain
Richard Brown, Director EMEA Channels & Alliances at Arbor Networks, said: "You can have the tightest cybersecurity available, but as an organisation if you haven’t assessed the weaknesses in your supply chain, and where indirect attacks might come from, then it’s like locking your front door but leaving all your windows wide open.
"Now Ryanair is the latest organisation to fall victim to a supplier’s lack of security. All organisations have a supply chain – some larger than others – but very few do the checks necessary to make sure they don’t present a security risk.
"Often we see hackers target customer data within an organisation – but this is a reminder that attacks happen for a wide range of motivations. This time it was financial. Although it seems customer details are safe, it is still worrying that Ryanair was compromised. When this happens, reputational damage is often just as harmful as the actual physical loss. Whether Ryanair is directly to blame or not, just by association this will tarnish its already questionable reputation."
10. Consider cyber liability insurance
Ken Munro, Senior Partner at Pen Test Partners, said: "In the case of Ryan Air, the thieves chose a plausible spend – fuel – to siphon out the money and this brings us to another common method of fraud: invoicing.
"A letter or email arrives at accounts payable stating the bank details have changed for a large supplier. No one verifies it, and the next payment goes to the fraudster. We can usually find out how the breach happened (generally a phishing email to accounts payable, stealing banking passwords) and help mitigate future attacks but nine times out of ten the cash is unrecoverable.
"In many cases, just like Ryan Air, the funds have already been transferred to other countries. For those without the clout of Ryan Air, first party cyber liability insurance can help recover these sums, indemnify the business and ultimately prevent it from going bust."