2. The Nation Wants To Know…
WHAT 17000 domains compromised
WHEN July 2019
WHO Cybercriminals (using Magecart technique)
WHY Misconfigured Amazon S3 buckets. Financial gain
HOW JavaScript-based payment card-skimming code is over-
written on existing JavaScript files on the bucket
4. Outline
• Context and Introduction
• Threat Actors and Modus Operandi
• Challenges and Countermeasures
5. Context & Introduction to Digital Skimming
• Drivers and motivators for attacks on e-commerce sites
• Magecart & The “What” of Digital Skimming
• Big names: FILA, British Airways, Feedify
6. Threat Actors & Modus Operandi
• The “How” of Digital Skimming
• Attack Vectors : Patterns & Signatures
• Post attack proceedings and operations
9. Challenges & Countermeasures
Challenges
• Lack of visibility
• Dependency on third parties
• Diversity of attack types
• Detection is difficult
Countermeasures
• JavaScript Controls
• Website Configuration Settings
• Hardening Procedures
• Process & Policy
10. Conclusion
• Build defenses against known attack patterns and watch
out for the unknown
• Collaborative sharing between impacted organizations,
security researchers and law enforcement