4 min read  | Cybercrime

Identifying and handling common cybersecurity threats in the retail industry

Every year, retail businesses across the globe serve billions of customers, processing terabytes of personal and financial information during these transactions. Retailers, in turn, use this data to improve their processes and service-delivery models.

The sensitive nature of data collected and stored during these transactions, however, makes retailers an attractive target for threat actors, and the numbers back this up.

In 2020, the retail industry was the fourth most-targeted industry by cybercriminals after finance, manufacturing, and energy industries—10.2% of all cyber attacks were targeted at retail businesses.

The high vulnerability ranking in 2020 was not unprecedented either. The retail industry has been one of the top five most targeted industries over the last five years—in 2019, retail was the second most vulnerable industry.

Most cyber attacks are targeted at small and medium enterprises, which do not have the expertise or resources to prevent attacks by threat actors. The tight integration of technology in retail has only exacerbated these threats, as it increases the attack surface for cybercriminals.

With technology set to take centre stage in retail businesses across the industry, retailers must know how to identify cybersecurity threats in retail and take necessary measures to protect retailers from these attacks.

Biggest cybersecurity threats in retail 

As cybersecurity experts, we know that threat actors use a range of methods, ranging from simple social engineering to sophisticated DoS/DDoS attacks to target unsuspecting businesses. Obtaining monetary benefits is the motivation behind 99% of these attacks.

Another thing to note is that many cyber attacks are caused by internal errors; retail employees not following basic cybersecurity protocols, engaging with emails from unauthorised personnel, and accidentally sharing confidential information with threat actors.

Here are the most common types of cyber attacks carried out against retail businesses:

  • Retail phishing attacks

Email phishing is perhaps the simplest form of cyber attack in retail. Despite being common knowledge, phishing attacks are still widely used by threat actors to target employees across the retail industry.

On top of this, phishing attacks act as a point of entry, from which cybercriminals can initiate more sophisticated forms of attacks like malware attacks. 96% of all malware is delivered through emails.

In 2013, retail giant Target was the victim of one of the most infamous retail phishing attacks of all time. One of the vendors accidentally opened an email, which installed a Trojan programme on Target’s POS system and collected credit card information of customers.

  • Ransomware attacks

Ransomware continues to be one of the most successful forms of cyber attacks across all industries. In recent years, the number of ransomware attacks on retailers has seen a significant increase—this type of attack accounted for 18% of all cyber attacks against the retail industry in 2020.

Retailers are especially vulnerable during peak business days like Black Friday and Cyber Monday. In our experience, we have seen ransomware attacks halt retail business activities for days at a time, causing significant damage to the reputation of the business.

In July 2021, Swedish retailer Coop fell victim to a Kaseya ransomware attack, which led the retailer to close more than 800 stores across Sweden. Kaseya ransomware creators make more than $100 million annually in such attacks. 

How to handle common retail cyber threats

  • Conduct regular training for retail employees

With the majority of cyber attacks directly linked to security oversight by retail employees, it is imperative to conduct regular cybersecurity awareness training programmes that educate employees on the latest security advancements and threats. Through this, retailers can enhance their cybersecurity posture significantly.

  • Update legacy systems to close all potential entry points

Many retailers use legacy hardware and software solutions in their daily operations. While these are adequate to perform routine business activities, they expose retailers to cyber threats, as they are not adequate to handle modern cyber attacks. 

Retailers can increase the strength of their cybersecurity infrastructure by investing in up-to-date software and hardware solutions that can detect and prevent potential malicious activity.

Retail cyber attacks are preventable if retailers take necessary measures

The retail industry has become one of the favourite playgrounds of threat actors due to the general lack of cybersecurity awareness. 

That said, cybersecurity threats in retail can be entirely prevented if retailers stay updated and follow cybersecurity best practices.