Summary of Key Points
- Nearly half of all data breach incidents target retailers, and nearly 20% of customers say they’ll stop shopping at companies that let themselves get hacked—which makes cybersecurity a vital priority for these types of businesses.
- Common cyberattacks targeting retail businesses include phishing, credential stuffing, attacking IoT endpoints, supply chain attacks, and APTs.
- By investing in cybersecurity services like endpoint detection & response and vulnerability scanning, retail businesses can better protect themselves and their customers.
When it comes to cyber attacks, retail businesses face a different kind of risk than companies in other high-vulnerability sectors like healthcare and financial services. That’s not just because 45% of all data breach incidents target retailers, according to some sources—major retail businesses are also more public-facing than other kinds of companies, which means successful cyberattacks that target them can easily become front-page news.
It’s common knowledge that cybersecurity breaches erode public trust in retail businesses. According to one study, nearly 20% of consumers say they’ll stop shopping at a company entirely if they find out a breach has taken place there. With numbers like that, learning about common cybersecurity threats to retail companies and how to prevent them is vital to the health of your business. Below, we’ve outlined 5 of the most common and provided examples.
We write about phishing scams a lot, because they’re incredibly common and they target businesses in every industry. However, the retail sector is the top target of phishing attacks worldwide. These scams often appear as messages in the form of emails or texts—trying to get someone at the business to reveal sensitive information unsuspectingly.
Phishing emails often appear to come from an organization’s vendors, partners, investors—or even customers. Typically, they either ask for the information in question or encourage the recipient to click on a link (which is called HTTPs phishing), which leads to a page that downloads malware onto their devices or lets hackers access their data.
- Cost: the average large organization loses nearly $15 million to phishing scams each year.
- Collateral damage: in addition to costing a company money, phishing can lead to a loss of proprietary information and disrupt business activities. High profile cases can also be incredibly damaging to a company’s reputation.
- How can it be prevented? Investing in your endpoint security is one of the best ways to strengthen your network against phishing attacks, since many aim to infect access points to your network with malware. Our endpoint detection and response protection allows you to isolate compromised devices and prevent any malware on them from spreading.
Stolen Customer Information
Many phishing emails are easily identifiable because they come from email addresses or phone numbers that are obviously suspect—mispelled or unintelligible domain names or offshore area codes are common giveaways. But sometimes, hackers who have successfully stolen a customer’s identity can use it to wreak havoc on a business.
One of the most common ways hackers do this is to contact a business with a customer’s personal information, posing as the person in question, before requesting financial details—such as payment card data. Once they have successfully obtained this information, they can sell it to other bad actors, making more money and increasing the customer’s vulnerability.
Using customer information in ways that impact a business doesn’t always rely on human error. In many cases, hackers use large amounts of stolen customer information to access the networks of retail targets directly (called credential stuffing)—which makes threat detection and response all the more important.
- Cost: Retail businesses often face multimillion dollar class-action lawsuits when customer data has been hacked on a large scale. In one particularly famous example, T-Mobile lost $350 million settling investigations resulting from a breach that affected the personal data of nearly 80 million customers across the United States.
- Collateral damage: The reputational damage a widespread leak of customer information can cause is devastating. Even companies that beat class-action lawsuits related to stolen data face scrutiny in major media outlets, which can haunt them and taint their relationships with customers for years to come.
- How can it be prevented? Cybersecurity training for all employees with access to customer information is a vital part of minimizing the risk that it will be shared with bad actors. Meanwhile, investing in routine vulnerability scanning for your business can alert you to security gaps that could be exploited when hackers are going for your network directly.
Attacks on IoT Technologies
The use of wireless and contactless technology to process retail transactions has increased exponentially since the COVID-19 pandemic. While contactless payment via Square Terminals and similar technology improves human health and increases short-term convenience, these devices can also be vulnerable to cyberattacks.
In 2020, for example, it was found that malware could easily be written onto Point of Sale devices made by Verifone and Ingenico, allowing them to be used to steal payment card information from anyone who used them. Worse yet, this process could be completed in less than 10 minutes.
- Cost: The potential cost of a widespread cyberattack on the IoT devices retail companies use to process payments is incalculable. The annual value of transactions made with mobile PoS systems is expected to reach $2.88 trillion in 2022.
- Collateral damage: When PoS systems are compromised, so are business operations. Not only do these hacks cause widespread erosion of public trust; they halt sales as well.
- How can it be prevented? Endpoint protection services can make your IoT devices, including PoS systems, considerably less vulnerable to malware. It’s also a good idea to consider SOC as a service, which allows you to support your in-house cybersecurity team with help from dedicated and heavily-vetted third party experts.
Supply Chain Attacks
Increasingly, hackers aren’t going after major retailers directly. Instead, they’ll attack vendors elsewhere in a retail company’s supply chain, counting on these organizations to have more vulnerable networks and then using their access to get inside the real target.
But attacks on a given business can affect retailers in its supply chain unintentionally, too—take the example of this Toronto Cannabis store that lost thousands after the logistics company it depended on for product delivery was incapacitated by a cyberattack in August 2022. In this case, even though the retailer wasn’t the target, its operations were severely disrupted.
- Cost: Global supply chain issues cost companies $184 million every year, according to recent research—much of which is related to cybersecurity breaches.
- Collateral damage: Not only can supply chain attacks have significant up-front costs; they can easily damage your business’ relationships with partners and suppliers.
- How can it be prevented? Having a robust and consistent incident response process can help you respond to supply chain attacks quickly and mitigate the damage they’re able to do.
Advanced Persistent Threats (APTs)
Unlike other attacks mentioned in this article, which typically operate according to a “get in and get out” philosophy, APTs rely on sustained and undetected access to a company’s network. Usually conducted by well-coordinated groups with extensive resources (like state-sponsored hackers), these types of attacks are intended to steal information from a target over long periods of time.
While many APTs are aimed at governments, large retail corporations are also prime targets. As retail businesses widen their potential attack surface by relying more on cloud-based services and complex IT stacks, it becomes harder to identify and respond effectively to these attacks.
- Cost: A group like APT38 (which specializes in these types of attacks) creates damages worth over $41 million on average when an attack is successful.
- Collateral damage: An APT is like a disease that slowly spreads throughout an organization’s network. Because APT attacks often take place over months (or even years), the damage they can do within organizations they infiltrate can be extremely widespread.
- How can it be prevented? Managed SIEM solutions can provide swift and ongoing identification, detection, and resolution of your security alerts. This makes it more likely that APTs will be flagged and dealt with before the threat actors behind them have a chance to complete their work.
Keeping Your Retail Business Safe from Cyber Threats
Whether your retail business is large or small doesn’t matter—you owe it to yourself, your customers, and your stakeholders to make cyberattacks as difficult as possible for the people who might want to carry them out. Find out how Virtual Armor’s services can improve your cybersecurity posture when you contact us for more information.