BACKGROUND:
According to media reports, Tesco has been the victim of a hacking attempt.
BACKGROUND:
According to media reports, Tesco has been the victim of a hacking attempt.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
<p>While more of our daily activities feature online, our personal information will remain increasingly at risk to a data breach. Attackers constantly target big organisations with damaging effects which can have massive impact on their customers. </p>
<p>Whether it be nefarious or otherwise, once a system goes down it can often be a long time before the full impact is seen by the organisation and their customers but we are unlikely to ever know the full details as to how it may have occurred. Many data breaches are found to have stolen more information than initially thought so it is always best to err on the side of caution and change any passwords once the system allows the changes. Furthermore, where possible it is advised to hand over the minimum amount of personal data on websites which store your information.</p>
<p>At a time when retailers are increasingly relying on online sales, this attack will no doubt have had a significant impact on operations over the past couple of days. While we have no detail about the cause of this particular incident, over the past 18 months we have seen an increase in threats against large organisations as a result of changes to the network permitter due to the adoption of flexible and remote working. Employees now hold far greater responsibility with regards to company security. Their endpoint devices – such as company laptops or phones, or personal devices they connect to the corporate</p>
<p>network – are all potential gateways for cybercriminals.</p>
<p>The human threat to cybersecurity is a risk that should be mitigated with both technology and training. As the vast majority of human error is unintentional, implementing ongoing training and</p>
<p>awareness building is a crucial tool. This should include teaching employees to recognise phishing attempts and any malicious activity that may be aimed at exploiting those that may not have</p>
<p>security front of mind. By doing this, businesses can make employees their first line of defence when it comes to endpoint protection.</p>