Retail ransomware attacks on the rise
Retail cyber attacks are rising at an alarming rate with 69% of retailers experiencing a ransomware attack. A recent study also found that the industry experienced a 90% increase in ransomware attacks last year. What’s behind this rise?
As technology continues to advance, it becomes increasingly crucial for retailers to fortify their defences against these evolving cyber threats to maintain consumer trust and secure the future of retail operations.
The surge in these attacks can be attributed to a multitude of factors stemming from both organizational vulnerabilities and the strategies employed by cybercriminals.
Implications of an attack
These attacks can have particularly significant financial repercussions, with the average cost of a data breach in the industry costing $2.96 million in 2023. JD Sports is one recent example of a company that recently faced this challenge, with the personal and financial information of 10 million customers potentially accessed by hackers.
What’s more, attacks can also entail legal liabilities, fines, loss of critical information, reputational damage and exhaustion of resources required to deal with the impact of attack. Going back to JD Sports, the retailer potentially faced fines of more than £17 million when it was attacked.
Major attacks can also often generate significant media and public attention, especially when they involve household names – which brings with it reputational damage. This damage can be further heightened if customer data is exposed. This can cause mistrust, with 59% of customers avoiding a brand after a cyber attack, questioning the company’s ability to protect personal information.
How are cyber criminals targeting the industry?
Hackers are increasingly taking advantage of vulnerabilities in retailers’ IT systems. Hackers are targeting retailers through their point-of-sale (POS) systems, which retailers use to process payments and track inventory. These systems allow retailers to process payments, manage inventory, and track sales, which all involve sensitive data. It makes hacking into these systems extremely attractive targets for cyber criminals.
In addition to POS systems, hackers can also target other IT systems such as e-commerce websites or inventory management systems, accessing sensitive information that they can then hold to ransom. A report by IBM revealed that retail cyber attack victims experienced extortion in 50% of attacks.
Managing complex third party attacks is vital
Third party attacks also seem to be an increasingly attractive route for hackers to attack retailers. A recent report from NCC Group found that supply chain cyber attacks have increased by over 50% since 2021. When you consider how complex supply chains can become, spanning multiple countries and hundreds of businesses, it raises the question of how businesses can protect themselves from attacks on suppliers.
We saw an example of such an attack earlier this year, through the attack on payroll provider, Zellis. The hacker group Clop exploited a vulnerability in MOVEit, a file transfer software, which enabled them to steal personal data from the payroll provider. As many organisations use Zellis – including major British retailer Boots – it had a wide-scale impact on hundreds of businesses. Boots, for example, saw employees’ personal data stolen. So, while Boots was not directly the target, it still faced serious repercussions and concerns from staff.
Retailers need to be aware of the cyber risks to their third-party relationships and take steps to mitigate these. They also need to be prepared to respond to third-party attacks if it does occur. It is key to understand how third party suppliers approach security and gauge potential vulnerabilities in their systems, to understand how your organisation might be impacted should the supplier be breached.
Should the worst happen, and a supplier faces attacks, it is vital to have a plan in place which should include isolating the affected supplier, notifying customers if necessary and recovering from the attack. It is also critical to carry out reviews or investigations to understand how the attack impacted your organisation, what data may have been stolen and how to recover it if possible.
Coming back to your own security process and procedures, remember: there is no ‘one size fits all’ solution to mitigating cyber risks. Different businesses face different challenges, so security solutions need to be bespoke to meet these demands.
This will require a deep understanding of how the business is set up digitally. For example, look at how many office and store locations are in place and how they’re connected. The wider your network and further your data travels between locations, the greater the risk becomes. By understanding the digital operating environment, you can choose security measures that are most effective to protect both business and customers.
Other factors that can influence your security posture include how your employees approach security. For example, if employees bring in their own devices, this could increase an organisation’s attack surface if connected to business networks and systems, even Wi-Fi. Ensuring that your employees are trained to understand cyber risks, warning signs and how to respond in the event of a threat, is vital to preventing attacks.
Find the right partner When putting different cyber solutions in place, you might find yourself working with different providers for different services. This works, in principle, but can prove difficult to manage and ensure you are getting the most out of each provider. Working with a managed service provider to manage your digital and IT set-ups and systems can overcome these challenges. They can make sure all services and products are properly integrated and secure, so that your security posture is as strong as it can possibly be.
See the full article in Technology Dispatch here.
Book your no-obligation consultation today, and let SysGroup help you along your technology transformation journey.