Integrating
reliable software should be the usual axiom for every company but sadly this
isn’t the case. Organisations should strive to understand the kind of security
testing that they can benefit from in their battle to prevent cyber-attacks.
Take
Dixons Carphone for example the Selenium Web-Driver after they were recently victims
of a major cyber-attack, which saw a huge breach involving 5.9 million payment
cards and 1.2 million personal data records.
It said
an investigation indicated there was an attempt, going back to July last year,
to compromise data on credit cards in one of the processing systems of Currys
PC World and Dixons Travel stores.
It said
5.8 million of these cards had chip and pin protection and the data accessed
contained neither pin codes, card verification values nor any authentication
data that would enable cardholder identification or purchases to be made.
However,
it said 105,000 non-EU issued payment cards which do not have chip and pin
protection had been compromised. Dixons Carphone
immediately notified the relevant card companies so that they could protect
customers. It’s worrying that major cyber-attacks like this are still so common
and that nothing seems to be done to prevent them from happening – especially
in global firms.
Cyber
criminals are finding it easier to access Unit Testing and Dixons Carphone must now
look at whether their defensive software is doing its job properly. A repeat of
what happened would be a mortal blow to their business. The only way to prevent
that happening again is to properly integrate and test the software.
People
are too overly-focused on scanning for known vulnerabilities in software after
it has been released, and under-focused on poor software development practices
that lead to vulnerable applications that hackers can exploit.
No comments:
Post a Comment