Researchers have published details on the recent British Airways hack, connecting it to a criminal network active since 2015. The group is otherwise known for taking advantage of websites that have failed to secure payment data entry forms and skimming data submissions. The British Airways attack, however, seemed to be a more complex attack designed more specifically for the company and its specific infrastructure. “The British Airways attack we see as an extension of this campaign where they’ve set up specialized infrastructure mimicking the victim site.” The hackers likely “injected” their own code into poorly secured portions of the existing websites, which would not involve penetrating an entire network and would also explain the set timeframe of data that was stolen.
Source: How Hackers Slipped by British Airways’ Data Defenses | WIRED