Over the weekend, more than 2,000 Magento 1 online stores were hacked in what has been described as the largest documented campaign since 2015.
Magento 1 officially reached its end-of-life (EOL) at the end of June and according to James Allen-Lewis, development director at Sonassi, the attack is yet another example of why online retailers must get to grips with their security posture.
This is especially the case for those companies choosing to remain on Magento 1 which is no longer supported with security patches.
James Allen-Lewis says, “Unfortunately, this incident should not come as a surprise. As far back as last year, warnings had been issued about the likelihood of attacks on Magento 1 stores, and as the deadline to EOL grew closer, these warnings have gotten louder. While cyber threats do exist on Magento 2, those remaining on Magento 1 are no longer supported with security patches, and therefore a prime target for hackers.
“As we head into the winter months and with the threat of a second wave and localised lockdowns persisting, online retailers are likely to see demand remain heavy for their services. While this is undoubtably a welcome headache for many, it should not mean merchants hold off on securing their website, particularly when incidents like this lay bare the realities of inaction.
“It’s critical retailers deploy basic, cyber security, best practices. Simple things such as regular updates to your passwords and multi-factor authentication are often overlooked. Additionally, retailers should be locking down the administrator interface by IP address. This simple change makes it much harder for hackers to get near this critical part of the store.”
Allen-Lewis adds: “Many attacks involve files being added or changed on a website. It is vital you monitor your log for any suspicious file activity. Furthermore, run regular audits on admin accounts and keep admin access to a minimum. You should always know who has access to your website.
“Finally, ensure you scan your website regularly for indicators of compromise. This will give you a much stronger insight into the security posture of your business,” says Allen-Lewis.
Follow us and Comment on Twitter @TheEE_io