The threat of cybercrime continues to prove a huge challenge for companies who are expanding their business in the online world, further emphasised by the recent data breach at file transfer software MOVEit, in which employee personal data was stolen from British Airways, Boots, Aer Lingus and more.
As organisations search for a strong security software to keep their colleague and customer data secure, Killian Chopinet, Senior Ethical Hacker at online marketplace ManoMano, believes brands’ focus should instead turn to the use of ethical hackers, who will play a key role in fighting the threat of future cyber attacks.
With previous experience as a Cybersecurity Expert, Penetration Tester and Bug Bounty Hunter, Killian has been helping companies improve their cyber defence systems since 2016, before joining ManoMano as a Senior Ethical Hacker in November 2022. Killian believes the rapid rise of online services and access to digital innovations has opened a new window of opportunity for cyber attacks.
The proliferation of online services has played a huge role in increasing the attack surface, which ultimately has made businesses more vulnerable. These days, all e-commerce platforms have at least one mobile application in addition to a website, which increases the likelihood of a vulnerability being introduced.
In addition, the younger generation having easy access to the online world and digital innovations such as ChatGPT has meant that attacks are constantly on the rise. Countries have tried to counter these risks with more resources and training in cybersecurity, however this has also made it much simpler for people to ‘train’ to become a hacker.
– Killian Chopinet, Senior Ethical Hacker, ManoMano
As a result, cybercrime has become one of the biggest threats to companies in 2023. Between January and March, the number of worldwide cyber attacks rose by 7% compared to the same timeframe in 2022, according to research from Check Point, whilst a government survey on Cyber Security Breaches found that 39% of UK businesses reported suffering a cyber attack last year.
Based on his career experience, Killian has outlined the current biggest cyber threats which ecommerces need to educate themselves on and prepare for:
- Distributed denial-of-service (DDOS): Attackers will aim to make the platform unavailable to its intended users in order to generate a financial loss for the company
- Data leakage: Attackers will seek to leak the personal data of the company’s platform users, which is subject to many regulations, especially in Europe with the GDPR. This could damage the company’s image and lead to a loss of customer confidence
- Ransomware: Attacks will encrypt data to damage a company or demand a ransom in exchange. The damage can be considerable, depending on the capacity and speed of recovery
Many companies believe the best approach to defending their platform against cybercriminals is by investing in state-of-the-art security solutions, however Killian believes this comes with its own risks.
It requires a lot of investment in both time, money, and resources, and yet can often be poorly configured or not used properly. I truly believe it’s better to identify all vulnerabilities on our application and fix it at the root cause, instead of deploying security solutions that “should” cover the vulnerabilities. As we have seen in recent examples, the point of entry for many cyber-attacks is often the human being. However, they cannot be the ones to blame if they were not provided with the correct tools to detect or protect the business against these attacks.
– Killian Chopinet, Senior Ethical Hacker, ManoMano
Instead, Killian believes the best way for companies to understand the threat of cybercriminals is not to shy away from it, but rather to meet the threat face on. Ethical hackers are cyber security professionals who have in-depth knowledge of a platform’s network system and are used to finding security vulnerabilities that could be exploited by malicious hackers.
Ethical hackers are a fantastic way for companies to always stay one step ahead of cybercriminals. At ManoMano, we have a strong team of ethical hackers who are used to audit the security of every component we deploy.
Through the use of IT service management company Cloudflare we have been able to upstream our applications which can slow down the most experienced hackers and block beginners. We have also set up several internal alerts that are raised if a potential hacker manages to infiltrate our infrastructure.
It’s also important to have your platform tested regularly and by different hackers, because each hacker will have their own speciality and mindset. At ManoMano, we work with the best hackers in the world through a “Bug Bounty” programme to reward ethical researchers if they manage to find a vulnerability in our platform.
– Killian Chopinet, Senior Ethical Hacker, ManoMano
As well as regularly monitoring ManoMano’s network, the team of ethical hackers also educate ManoMano colleagues on how to react to a cyber attack, to raise awareness of the potential threats and strengthen their defence even further.
ManoMano regularly test their staff by simulating highly realistic social engineering attacks in order to raise their awareness of this issue.
With the threat of cybercrime not looking likely to slow down in the coming years, it is imperative that companies have a clear security strategy in place, and whilst cyber defence software and security solution providers will certainly play a key role in fighting the threat of cyber attacks, Killian believes one of the most important factors is a strong security team behind it.
It is important that all companies ensure they invest in a proven security software. However it is also important that companies have a strong team behind it, and so they must consider investing in ethical hackers who will help identify any cyber threats or platform vulnerabilities before malicious hackers can take advantage.
– Killian Chopinet, Senior Ethical Hacker, ManoMano
