Cyber Threats in Retail

Cyber threats in the retail sector are diverse and constantly evolving, posing significant risks to both businesses and consumers. Retail is one of the most targeted industries for cyberattacks. Malicious actors are often financially motivated, so what better industry to target than one that involves constant monetary transactions? And, as retail security becomes more reliant on technology, cybercriminals are finding more ways to exploit the industry.

E-Commerce and Customer Data Security

While you might shop for clothes, homeware, appliances, or stationery, attackers use retailers to shop for data. COVID meant that most shopping purchases, if not all, were done online – e-commerce spending in the US rose by 44% between 2019 and 2020. However, the shift to cyber shopping (which was already becoming increasingly popular before the pandemic) means retailers use more complex, digital environments to collect and store customers’ personal and financial data. Such information is extremely valuable to cybercriminals due to its black-market value. Additionally, retailers are in fierce competition to attract customers and constantly seek to enhance the user’s experience. Doing so, however, requires the use of big data. It is, therefore, no wonder that the retail industry is a large target for data theft as there is a treasure trove of information that attackers can steal and sell on the dark web.

Figure: Cyber Threats in Retail - E-commerce (source: Digital Commerce 360, U.S. Commerce Department)

Ransomware Attacks in the Retail Industry

Worldwide lockdowns meant physical shopping was prohibited, but thankfully we had access to endless stores online. But what about a cyber lockdown? Ransomware attacks cause the victim’s systems to shut down, preventing operations from being carried out. Ransomware can have a significantly greater impact during busy times, such as Black Friday and Cyber Monday, in which consumers spend billions of dollars in a single day. Operational disruptions, even for just a few hours, can cause major losses in sales. On top of this are the remediation costs, which, in the retail industry, are estimated to be almost $2m.

Figure: Cyber Threats in Retail - Ransomware (source: Sophos’s State of Ransomware in Retail Report 2021)

Hardware Attacks and Their Impact

No industry is immune to hardware attacks. Hardware attack tools, known as rogue devices, can carry out further harmful attacks, including data theft and ransomware, while operating under the radar of existing security software, such as NAC, EPS, IDS, and IoT Network Security. Several vulnerabilities within the retail industry expose it to hardware-based attacks, compromising retail security. One such vulnerability is the high employee turnover rate, as retailers often hire seasonal workers. Short-term employment means workers have little loyalty to the company and, thus, are more inclined to carry out an attack. When it comes to hardware-based attacks, an employee can easily compromise data by downloading it onto a USB thumb drive and walking out the door.

Increasing Entry Points and Vulnerabilities

The digitalization of the retail industry means there is an increasing number of entry points. Hardware attacks require physical access, and with an average of five devices to every employee in retail, malicious actors have several access points to exploit. Internet of Things (IoT) devices are becoming more widely adopted within retail, further expanding the attack surface. IoT devices are more accessible, less secure, and provide an entry point to the entire network.

Despite this digitalization, one cannot ignore the vulnerabilities present within traditional stores. As in-person shopping starts to resume, an attacker can slip in with the crowd and covertly attach a malicious device to one of the computers at the check-out.

The supply chain is another vulnerability bad actors exploit. The retail industry relies heavily on its suppliers, and data sharing is crucial in enhancing the interconnectedness between the various entities. However, this means every supplier becomes a target as each one could provide an attacker with access to valuable information. Further, a large supply chain means more entry points, thereby increasing the retailer’s vulnerability.

Implementing Zero Trust for Enhanced Security

Zero Trust (ZT) is a concept that enhances enterprises’ security posture. The retail industry often recommends zero trust as a solution for tackling its challenges. Zero trust operates on the principle of “never trust, always verify,” treating every user and asset as suspicious. Rather than inherently trusting insiders, the Zero Trust Architecture (ZTA) verifies and validates every entity that requests network access. The main security protocols of zero trust are microsegmentation and the principle of least privilege. Both seek to limit the impact of an attack, should one occur. While zero trust does strengthen cybersecurity efforts, hardware attack tools manage to bypass the model’s security protocols due to a lack of physical layer visibility. Instead, we suggest adopting a Zero Trust Hardware Access (ZTHA) approach to enhance existing zero trust efforts.


Strategies for Protecting Against Cyber Threats

Sepio’s asset risk management (ARM) provides the physical layer visibility. Sepio’s solution computes a digital fingerprint for all connected hardware assets (IT/OT/IoT), thereby detecting every device for its true identity, rather than merely relying on its claims. Such visibility allows for the effective enforcement of the zero trust security protocols, thereby enhancing the overall zero trust approach. Furthermore, Sepio’s solution includes a comprehensive policy enforcement mechanism, coupled with its Rogue Device Mitigation capability, ensuring instant blocking of any unauthorized or rogue hardware. This prevents the occurrence of hardware-based attacks.

With Sepio’s platform, retailers are protected on Layer 1, and existing cybersecurity investments are put to better use thanks to greater visibility.

September 14th, 2021