2020 has only begun and Magecart is already back in the headlines. You're almost certainly protecting your websites from attackers, but are you protecting your customers from your website?
Last week, news emerged of a Magecart attack on the popular Focus Camera website. The attack took place last year and involved the use of a skimmer to steal payment card data from customers using the portal.
How Tala protects against Client-Side Attacks
Tala Security takes a comprehensive approach to securing websites against client-side attacks like the Focus Camera attack. No other solution provides the same breadth of analysis and security coverage, without impacting website performance:
- Analysis: Tala’s analysis engine continuously interrogates the site architecture, adapting to change and evaluating malicious or suspicious behaviors.
- Continuous Monitoring: Our AI-driven analysis engine evaluates over 50 unique indicators of a web page’s behavior, to detect anomalous activity within the server, website supply chain or malicious code executing in the user’s browser.
- Standards-based Security: Tala’s dynamic AI-driven analytics engine works in tandem with our automation engine to activate standards-based security capabilities, including CSP, SRI, Trusted Types and HSTS to protect against a wide range of application-layer attacks such as Magecart, cross-site scripting (XSS), clickjacking, iFrame injection and client-side malware.
- Administration: Tala’s advanced analytics engine leverages machine-learning to interpret, filter and minimize alert volumes. This ensures optimal security and streamlined operations and administration.
An example of Tala’s technology in action: Safeguarding against the Focus Camera breach.
Tala automates the deployment of multiple standards-based security capabilities. In the case of the Focus Camera breach, multiple facets of this capability set would ensure this attack was defeated:
- Tala generates and injects SRI hashes into the scripts, which can prevent the execution of the malicious modified scripts altogether.
- In certain cases, by design, scripts can’t be hashed: this is when the script is served without CORS enabled. In these cases, Tala would prevent the exfiltration of payment data via CSP. Tala’s technology auto-generates a very fine-grained Content Security Policy that restricts the app from connecting to unauthorized endpoints, such as “zdsassets.com” used in this attack.
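The two controls described above, as an added sketch that is not Tala's code: an SRI hash pinned to a script rejects a modified copy, and a `connect-src` policy refuses a connection to an unlisted endpoint. The script body, the policy and the `shop.example` and `api.payments.example` names are constructed assumptions, and the CSP matcher is deliberately simplified (no ports or paths).

```javascript
// Added example, not Tala's implementation. All sample values are constructed.
const crypto = require('crypto');

// Value for a <script integrity="..."> attribute (SRI).
function sriHash(body, algo = 'sha384') {
  return algo + '-' + crypto.createHash(algo).update(body, 'utf8').digest('base64');
}

// What the browser checks: the fetched body must hash to the pinned value.
function sriAllows(integrity, fetchedBody) {
  const algo = integrity.split('-')[0];
  return sriHash(fetchedBody, algo) === integrity;
}

// Simplified CSP check for fetch/XHR/beacon destinations. Handles 'self',
// 'none', exact hosts and "*.host" wildcards only (no ports or paths).
function connectAllowed(policy, pageOrigin, targetUrl) {
  const directives = {};
  for (const part of policy.split(';')) {
    const [name, ...sources] = part.trim().split(/\s+/);
    if (name) directives[name.toLowerCase()] = sources;
  }
  const sources = directives['connect-src'] || directives['default-src'];
  if (!sources) return true; // no governing directive, nothing is restricted
  const target = new URL(targetUrl);
  return sources.some((src) => {
    if (src === "'self'") return target.origin === pageOrigin;
    if (src.startsWith("'")) return false; // 'none' and other keywords
    const m = /^(?:([a-z]+):\/\/)?(\*\.)?([a-z0-9.-]+)$/i.exec(src);
    if (!m) return false;
    const [, scheme, wild, host] = m;
    if (scheme && scheme.toLowerCase() + ':' !== target.protocol) return false;
    const h = host.toLowerCase();
    return wild ? target.hostname.endsWith('.' + h) : target.hostname === h;
  });
}

// Constructed inputs: a first-party script, a modified copy, and a policy.
const original = 'function submitOrder(form) { return form.checkValidity(); }';
const modified = original + '\n/* constructed stand-in for injected code */';
const pinned = sriHash(original);
const policy = "default-src 'self'; connect-src 'self' https://api.payments.example";
const origin = 'https://shop.example';

console.log('original script runs:', sriAllows(pinned, original));
console.log('modified script runs:', sriAllows(pinned, modified));
console.log('beacon to zdsassets.com allowed:',
  connectAllowed(policy, origin, 'https://zdsassets.com/c'));
```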
Security that doesn’t impact performance
Again, you’re almost certainly protecting your website from attackers, but are you protecting your customers from your website?
Tala’s innovative solution ensures that all types of client-side attacks are prevented in real time, without impacting website performance. We do this by automating standards-based security, natively available in every modern browser. This means no overhead and no impact on website performance.
Securing websites against this accelerating attack should be an imperative for every website owner. Learn more about how Tala prevents Magecart here.