Cyberspace has been abuzz with discussions about the recent hacking of Burger King’s Twitter account and the ensuing scramble to exercise damage control. The perpetrators who took over the account were able to post profane messages and change the profile picture to a McDonald’s logo, claiming that Burger King had been acquired by its rival. After about an hour, Burger King was able to get Twitter to suspend the account. Burger King was able to restore its original account later the same day and apologize for the incident. Meanwhile, McDonald’s disclaimed any responsibility for the attack, and McDonald’s and other retailers expressed their sympathy to Burger King.
Unfortunately, these sorts of cyberattacks are all too frequent and are likely to continue. Some may be as obvious as a commandeered Twitter handle or Facebook page, while others may more subtle such as a shadow e-commerce site that uses a web address that is confusingly similar to your official one. Although it may not be possible to prevent all such attacks, this is a good time for retailers to review their strategies for reacting to a cyberattack and for minimizing the risk that they will be the victim of such an event.
Be ready to react.
Cyberattacks may occur when you least expect them, and you cannot take your time to address them. Here are some steps you can take to be ready to react quickly if your web sites or social media accounts are targeted:
- Continuously monitor your own web sites and social media accounts to detect any misuse or security breach, and have a system in place to make sure that cyberattacks are reported to your incident response team as soon as possible;
- Monitor the web sites and social media accounts of your main competitors so that you are not caught flat-footed and can seize the opportunity to defend your own business from similar attacks and allegations of wrongdoing;
- Make sure your marketing, social media, and in-house legal personnel know who to contact at Twitter, Facebook, and similar accounts and at your own web site hosting company so that you can secure their quick cooperation in controlling the damage and collecting any evidence that could be used to catch wrongdoers and plug holes in your systems; and
- If your web site is used for e-commerce and other important communications with customers, have a backup site to which customer traffic can be routed on short notice.
Be proactive to minimize risk.
In addition to reacting quickly to any attacks, you should also do what you can to prevent them from happening. Keep in mind that many of the most invasive attacks begin with “spearphishing” – when someone in your company receives an e-mail that appears to be from a trusted source and, for example, either opens an attachment or clicks through to a website resulting in the insertion of malicious code on company servers. This technique is discussed at length in a recent report prepared by Mandiant concerning a Chinese cyber espionage unit that is attacking a wide range of industries in the U.S. and other countries. Here are some steps you can take to minimize the risk of being a victim of spearphishing and other attacks:
- Implement up-to-date anti-virus software, firewalls, e-mail filters, data-loss protection systems, encryption technologies, and other technical defenses;
- Educate your personnel regarding the selection and use of passwords and proper handling of suspicious e-mails and other communications that get through your SPAM filters and other defenses;
- Adopt and enforce appropriate social media policies that give your business ownership and control over its social media accounts, its web sites, and any domain names used in the business;
- Register your trademarks and other intellectual property so that you will be recognized as the rightful owner of your web sites and social media accounts and will be able to secure prompt cooperation from third parties; and
- Implement a monitoring program for your key brand names to identify potential trademark infringements and other misuse.
The on-line environment almost certainly will continue to be vulnerable to attack. Therefore, you will want to be well armed and nimble to mitigate any harm to your business.