UPDATED 22:13 EST / SEPTEMBER 11 2018


British Airways hack linked to the same group that hit Ticketmaster

The hack of U.K. carrier British Airways last week that affected 380,000 customers has been linked to a notorious hacking gang that was also behind the hack of Ticketmaster Entertainment Inc., according to a new report.

The claim Tuesday came from security firm RiskIQ Inc., which linked the hacks to a gang it dubs “Magecart” that uses “web-based card skimmers.” That attack method is aimed at skimming e-commerce transactions with the intent of capturing payment card details.

In the case of Magecart, the group “injects scripts designed to steal sensitive data that consumers enter into online payment forms on e-commerce websites directly or through compromised third-party suppliers used by these sites.”

British Airways itself has yet to disclose how the hack occurred, but Ticketmaster did, saying at the time that its hack was the result of “malicious software on a customer support product hosted by an external supplier.”

The report went on to note that Magecart set up custom, targeted infrastructure to blend in with the British Airways website specifically to avoid detection for as long as possible, indicating that the group is evolving and has the capability to do so again.

Mike Bittner, digital security and operations manager at The Media Trust, told SiliconANGLE that the hacks of both British Airways and Ticketmaster reveal a failure of some developers and software engineers to integrate security measures in designing web apps, as well as organized cybercriminals continuing to exploit vulnerabilities.

“The tools and techniques to prevent cross-site scripting and SQL injections have been around for a while, but they continue to be ignored,” Bittner said. “Developers should determine what is safe user input and reject all others, be they text, JavaScript or any unauthorized code. Website operators should carefully vet third-party web app providers to ensure their products have the right security measures in place.”

Also, he said, websites should test their web apps to make sure they aren’t vulnerable to attacks involving cross-site scripting or SQL injections. Not least, he added, they should continuously scan their sites to detect unauthorized code.

“Anything less than a proactive, comprehensive approach to securing their sites could amount to infringement of a growing number of consumer data privacy regulations like GDPR,” he said.
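
The advice to continuously scan a site for unauthorized code can be approximated by checking every script element on a payment page against an approved baseline. The following is an added example, not code from the article, RiskIQ or The Media Trust; the hostnames, page markup, baseline values and function names are constructed for illustration.

```python
import base64, hashlib
from html.parser import HTMLParser
from urllib.parse import urlparse

def sha256_b64(text):
    return base64.b64encode(hashlib.sha256(text.encode()).digest()).decode()

# Constructed baseline (hypothetical names): approved script hosts and inline scripts.
ALLOWED_HOSTS = {"shop.example", "cdn.supplier.example"}
APPROVED_INLINE = "window.checkoutConfig = {currency: 'GBP'};"
KNOWN_INLINE = {sha256_b64(APPROVED_INLINE)}

# Constructed payment page: the third external script uses a look-alike host.
SAMPLE_PAGE = f"""<html><body><form id="payment"><input name="card"></form>
<script src="/js/checkout.js"></script>
<script src="https://cdn.supplier.example/chat.js"></script>
<script src="https://shop-example.invalid/lib.js"></script>
<script>{APPROVED_INLINE}</script>
<script>console.log('added after the baseline was taken');</script>
</body></html>"""

class ScriptCollector(HTMLParser):
    """Collects [src, inline_body] for every <script> element."""
    def __init__(self):
        super().__init__()
        self.scripts, self._in_script = [], False
    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.scripts.append([dict(attrs).get("src"), ""])
            self._in_script = True
    def handle_data(self, data):
        if self._in_script:
            self.scripts[-1][1] += data
    def handle_endtag(self, tag):
        self._in_script = self._in_script and tag != "script"

def audit_page(html, page_host, allowed_hosts, known_inline_hashes):
    """Return findings for scripts that are not in the approved baseline."""
    parser = ScriptCollector()
    parser.feed(html)
    findings = []
    for src, body in parser.scripts:
        if src:
            host = urlparse(src).hostname or page_host  # relative URL: first party
            if host not in allowed_hosts:
                findings.append(("unapproved-host", src))
        elif body.strip() and sha256_b64(body) not in known_inline_hashes:
            findings.append(("unknown-inline-script", body.strip()))
    return findings
```

Calling `audit_page(SAMPLE_PAGE, "shop.example", ALLOWED_HOSTS, KNOWN_INLINE)` flags the look-alike host and the inline script that is missing from the baseline, while the first-party, supplier and approved inline scripts pass.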

