Subscribe
About
  • Home
  • /
  • Security
  • /
  • J2 Software cautions about cyber breaches of rewards programmes

J2 Software cautions about cyber breaches of rewards programmes

John Mc Loughlin, MD, J2 Software.
John Mc Loughlin, MD, J2 Software.

The growth in cyber attacks is all too familiar these days. Hackers use their devious skills to acquire financial and personal information with the unwitting victim's data either being sold or used to commit fraud; make purchases etc.

John Mc Loughlin, MD, J2 Software, notes that the growth in rewards programmes' fraud has provided a new method for criminals to take advantage of data breaches.

"Free and all too easy access to victims' data is a growing trend. Rewards programmes are a ripe picking ground for cyber crooks because they are often less secure, with users having a more blas'e attitude to security matters on these sites as they think they are only safeguarding 'points'.

"These sites normally do not have credit card transactions meaning that compliance codes do not apply. Many of these systems do not even have an option for two-factor authentication," says Mc Loughlin.

He expands that compromised, stolen or breached credentials are used to book holidays, free flights or exchange loyalty points for goods.

"The attack vectors are vast and the truth is that our only way to prevent damage is to be both proactive and defensive. We have no choice but to be both attackers and defenders."

Mc Loughlin says J2 Software's strategy to address this problem is to make their teams both part of the build-up and the clean-up crew.

"Cyber resilience and the ability to respond are no longer nice-to-have assets: they are crucial in a world where cyber threats are growing and those with ill-intent are using everything at their disposal to take advantage."

He emphasises that it is important to provide a multi-tiered, multi-layered, deep defence approach and take advantage of everything at ones disposal to fend off the unrelenting attacks.

"This must include our systems and importantly, our people. This is then augmented by adding continuous monitoring of activity, access and compromise.

"Corporate enterprises need to remember that almost every computer literate person uses the same password for everything or with a very small change of a character or number: between systems.

"A relative's birthdate, child's name or similar is used as a login criteria on so many online and network systems. Even with the greatest intent in the world, a single compromise or breach in a third party system makes sure this is now accessible to the rest of the world."

Mc Loughlin says it is not sufficient to simply monitor access into and out of corporate networks or user activity.

"There is a vast hyper-connected world that stretches beyond all borders. For example a compromise on something as simple as a user's fitness app can open up a company's corporate environment to data loss and intellectual property theft.

"Essentially the only thing 'free' is the access cyber criminals have to data resulting in high costs; reputational damage and ultimately ruined businesses," Mc Loughlin concludes.

Share

J2 Software

J2 Software is a dynamic African ICT company founded in 2006 to address the need for effective information security, governance, risk and compliance solutions in the ICT markets' across the continent. It offers globally leading solutions including: Dtex SystemSkan; Mimecast; J2 Online Backup and Simply Secure.

The continued rise of identity theft and confidential data leakage drives the requirement for J2 Software's product offerings, not only for competitive advantage but as an absolute necessity.

It delivers essential tools that empower organisations to take control of their technology spend. Its hand-picked solutions provide complete visibility over its customers' environment while reducing risk and lowering costs.

J2 Software has provided services and solutions to renowned enterprise corporations with sites running in South Africa, Angola, Botswana, Kenya, Malawi, Mauritius, Mozambique, Tanzania, Uganda and Zambia.

Visit the J2 Blog
Twitter: https://twitter.com/j2softwaresa Handle - @J2SoftwareSA
Facebook: https://www.facebook.com/J2Software/
LinkedIn User Group: https://www.linkedin.com/groups/3893947/
LinkedIn Company: https://www.linkedin.com/company/j2-software

Editorial contacts

Deirdre Blain
Blain Communications
(+27) 083 230 5522
blain@iafrica.com
John Mc Loughlin
J2 Software
(+27) 0861 00 5896
john@j2.co.za