With the fashion industry being the fourth most-targeted sector by threat actors, it’s never been more urgent for the fashion industry to make a special effort to secure Active Directory (AD)
By Kartik Shahani
The growing digitization of fashion businesses also means that these companies are encountering an increased threat of cyberattacks. With the fashion industry being the fourth most-targeted sector by threat actors, it’s never been more urgent for the fashion industry to make a special effort to secure Active Directory (AD), which is a critical piece of the IT infrastructure and reigns supreme as a favoured attack vector.
Fashion companies, which generate a lot of their revenue from e-commerce channels, must protect themselves from ransomware attacks because these attacks compromise AD and can lead to full shutdowns of websites and apps. With the increasing sophistication in cybercrime, the rise in regulatory demands, and customers’ high expectations for digital experiences, fashion brands need to act urgently to strengthen their cyber defences for AD and make AD security a strategic imperative.
Used by most Fortune 500 companies and by enterprises of all sizes, AD is a critical infrastructure service that controls how, when, where, who and what can access IT resources. It’s no surprise that AD has become a primary target for cybercriminals wanting to access sensitive data. Once AD is compromised, threat actors can move across systems and access proprietary information and even extend attacks into cloud environments. With its central role in any organisation’s IT infrastructure, AD cannot be left unprotected. Various stealth techniques allow bad actors to gain access to the IT environment without being noticed for days, months or even years.
AD security challenges brands face
Post mergers and acquisitions: It’s no secret that many renowned fashion brands were once small businesses, each with their own AD infrastructure before being acquired by larger corporations. If these organisations continue to retain their individual ADs, the company can end up with disparate information systems. This is when AD Domain Controllers are faced with the herculean task of managing siloes, potentially putting the organisation at risk. Every AD forest or domain that’s created has its own set of risks and if AD is not managed properly after a merger and acquisition (M&A), organisations will be left with managing multiple AD forests. This can lead to a lack of visibility and may cause them to miss detecting attacks in real-time and cause struggle to identify dangerous trust relationships.
In the process of a M&A, fashion brands must audit the AD of the company that’s been acquired. Assessing the complex AD environment manually can be a time-consuming task. Organisations can use automated solutions that help security teams understand the AD security posture.
Supply chain risks: Given how highly interconnected the fashion industry is, the supply chain threat is a major concern. Cybercriminals often target less secure organisations in the supply chain and look for a breach path. When the supply chain is unsecured, hackers can infiltrate an enterprise’s systems through an outside partner, which helps them gain access to the main target’s data.
Fashion companies engage with many contractors and subcontractors to manufacture clothes, shoes, accessories, etc. When if a single link in the supply chain is not secured properly, it opens up organisations to the threat of cyberattacks. Fashion brands need to protect the interests of all stakeholders including customers, employees, contractors and investors. And this can be done by identifying the weak links in cybersecurity that may lie with partners, suppliers or contractors before it’s too late.
Fashion brands need to assess the level of security of all subcontractors that can access their data and systems. It is important to scan the AD of third-party partners and detect existing security misconfigurations that could be exploited by adversaries, which can be used to move laterally. Plugging these security gaps then becomes easier and is a step towards building cyber resilience in the supply chain.
Securing intellectual property: The idea of data security in the fashion industry is now beyond securing designs and patterns of customer behaviours. The primary threat comes from competitors trying to obtain proprietary information in a stealthy manner. Fashion businesses generate massive volumes of data concerning marketing, retail strategy, manufacturing, warehousing, distribution, inventory management, retail activity and customer relationship management. If AD is compromised, attackers can gain access to all of this information. Once attackers gain access to AD privileges, they can even deploy malware and demand a ransom.
Prevention is better than…
Securing Active Directory is critical for the security of any business including fashion brands. Combating these ever-increasing threats requires fashion brands to proactively detect attacks on AD. It is important to uncover vulnerabilities and AD misconfigurations before attackers exploit them. Strategically assessing the organisation’s overall AD risk can help security teams safeguard valuable information and take appropriate measures to shore up defences and establish deterrence against cyberattacks.
Kartik Shahani is country manager of Tenable India.