We are now coming into the third week of the Coronavirus crisis (at least from my count), and by some reports, it looks like that things could be getting better, but by some others, it sounds worst.  It’s really hard to say anymore. 

My motto is to take in one hour at a time, and one day at a time. It looks like that the social distancing could be the new normal for a while.  But honestly, I really think that the governors in our state need to start opening up businesses again, like around the 1st week of May or so.

My view is this:  The Coronavirus will never go away.  It’s like the flu.  We have it, and it will always be here until something happens to the planet.  Thus, we need to have a balance.  If we don’t start opening up businesses soon, the economy is going to get much worse than what it is now. 

I firmly believe that the fundamentals of a strong economy like before the Coronavirus are still there, but the longer this locked in period goes, it will crumble.

I am not advocating a full-blown opening of business, but something like a phased in approach.  Our governors need to understand this.  For example, it would be up to each business to establish how long employees should come into the office, and what the proper social distancing etiquette should be.  I am not against the latter, as long as it does within some reason.

Perhaps this phased in approach could include a mixture of still working from home and going to the office.  I have even just a read a headline where a business out in California likes his employees working from home so much that he is not going to renew his $10 Million lease.  Of course, an alternative to this is use rent a virtual office, where employees could still come together, and comingle with each other. 

Remember, with a virtual office, the cost is just a fraction of what it is with a normal lease.  And if you are a large enough business, you can rent out multiple virtual offices from wherever your branch locations might be at.  You can even get special deals on this as well.  The bottom line is that we cannot be cooped up in our homes for the rest of our lives.

Anyways, enough of my soapbox.  This has brought me to the actual topic of today’s blog.  As just mentioned, with businesses being shut down for who knows how long, this has led to a trend that has not yet been totally covered by the news headlines.  That is, the sheer increase in the amount of online shopping that has been occurring.  The numbers vary by what the specific increase is, but believe me, there is a huge spike.

I have seen the neighbors here in my apartment building doing online ordering for groceries, and other items as well for which they would have visited a traditional brick and mortar store for.  But just like what we have seen with Zoom, the Cyberattacker is now starting to even prey upon this area of our everyday lives as well.  But its not so much in the way of hijacking our Personal Identifiable Information (PII), but it now deals with something known as “E-Skimming”.

This is not a term that has come up too much in the Cybersecurity circles, so here is a good, technical definition of it:

“E-skimming happens when a hacker inserts malicious credential-stealing software into a retailer’s website. You think you are checking out with your credit card or debit card—because you are, and your items even arrive as intended—but the hacker is stealing your payment information from the shopping cart in real-time. They may even be using your card or selling the information on the Dark Web before you are done with the transaction.”

(SOURCE:  https://www.idtheftcenter.org/e-skimming-is-a-new-cybercrime-that-is-just-in-time-for-the-holidays/)

So, when one thinks of a skimming related Cyberattack, the image of Malware being stored at a Point of Sale (POS) terminal often comes to mind.  But forget that image now, based from the above definition, E-skimming can now happen even at the online store that you are shopping at. 

In this instance, all the Cyberattacker has to do is merely insert a piece of malicious code into the backend of the online store in a covert way.

So, while you think that you may be an online store that is safe, merely because it has the locked padlock in the upper left hand of the URL window in your Web browser, you really are not.  You may also think that just because the checkout process went smoothly without a hitch, you are all safe. 

But that is far from the truth.  Even with all of the security precautions that the online merchant may have taken, you are still at risk.  You may even be wondering, at this point, how is this even possible?

Well, think about it.  Given today’s times, Web applications are becoming the primary target for the Cyberattacker.  It may not be so much now spoofing your financial institution’s website, or even PayPal for that matter, but it is now even other websites as well that are closely tied with the Coronavirus, such as the World Health Organization, etc. 

The way that the Cyberattacker can penetrate into these sites and go virtually unnoticed is that they break through the source code underlying the specific Web application.

For example, many businesses and corporations are often in a rush to launch a new Web app for their client so that they can be stay under budget, and deliver in time, in hopes for more repeat business. Because of this, they fail to test one thing: 

The security in the source code that is being used.  Many times, software developers will very often leave backdoors left behind, which they probably did not intend to do.  The Cyberattacker is always out on the prowl for this, as this is the easiest way to get in and deploy the Malware to steal your credit card information.  There are other weaknesses and gaps also that can be penetrated as well to deploy the same kinds of threat vectors. 

Apart from creating insecure source code, many development teams also make use of what are known as “Application Programming Interfaces”, or “APIs” for short.  This is sort of a plug in which allows the software developer to interweave and couple various source code modules together, without having to write the code from scratch in order to do that. 

Using APIs helps the development team to save time, and to help streamline the process of creating the Web app in question.  But nowadays, there are any APIs that are available online, through many open source platforms.  Of course, the key advantage to this is that they are free, but once again, there is the flip side to this:  These APIs really have not been tested either from a security perspective.

Now the argument might be is if these open source platforms should be testing these APIs to begin with before they can be downloaded, but in the end, the software development team should be still be testing them no matter what.  But, they do not.  So, this issue compounded with the issue of compiling insecure source code makes a huge recipe for a disaster to happen for the online merchant.

In fact, the problem of E-skimming is only forecasted to get worse, especially during the height of this pandemic.  For instance, a Cybersecurity organization known as “Malwarebytes” has tracked an overall increase of almost 30% in March of this year versus February, of which there was only a 2.6% increase. 

And believe it or not, it is the United States that is bearing the full force of this, with 74% of all E-skimming attacks occurring here.  This is followed by Canada and Spain.

Also, it was noted by them that most of the E-skimming activity occurs on Monday, then tails off as the week goes, with the lowest number of attacks occurring on Saturdays.  More information about this recent study from Malwarebytes can be seen at this link:

It is also important to keep in mind that in mind that it is not just the source code itself which is a grave security weakness.  The tools that are used to create other types of Web apps are also at risk as well.  For example, WooCommerce is a popular E-Commerce plugin that is used in WordPress in order to create online stores. 

But just recently, a Cybersecurity researcher known as Ben Martin discovered some malicious JavaScript placed onto the end of a string of already existing Malware.  This allowed for the Cyberattacker to collect credit card and numbers and other banking information including the CVV in a Plaintext format, which was in the form of a cookie.

More information about this discovery can be found here, at this link:

My Thoughts On This

At this point in time, we have no choice left but to shop online for our needed stuff, at least until the stores start to open up once again.  But it is important not to give in to all of this.  My opinion is to keep shopping online as you normally have, but just take the usual safeguards and precautions.  With what is happening today, there is a whole wealth of information out there on this, by doing a simple Google search.

Remember, we are all at risk in becoming a victim of a Cyberattack.  None of us are immune to it.  But the key is being proactive in reducing that risk level.  In this regard, always be checking for your credit card and banking transactions a couple of times a day, to see if there has been any fraudulent activity.