Retail Sector Still a Favorite Playground for Cybercriminals
Retail firms are increasingly shifting toward digital environments, making them more likely to be targeted by cybercriminals. In addition, the pandemic-led restrictions have accelerated online purchasing since the last year. Recently, several retail organizations, including PupBox, have been affected by security incidents that compromised their customer data.
In recent months, multiple retail organizations have been targeted by cyberattacks, including Croma, Kmart, Brendon, Dickey's Barbecue Pit, Ticketmaster, Viandes Dubreton, Premier Kids Care, Inc., and Designer Brands Inc., among others.
- The most affected regions included Southeast Asia, Eastern Europe, and North America. However, retailers in other regions aren’t targeted as frequently as the U.S.-based ones.
- The major attack vectors used in these recent cyberattacks, leading to data theft, include unauthorized access, code injection, ransom demands, phishing, spoofing, and fraud.
- The Qakbot trojan and TrickBot botnet have been particularly targeting the retail sector. Additionally, active ransomware groups targeting the sector were identified as Zeppelin, Egregor, Ransom X, and Clop.
According to a report from Imperva, 2020 saw a record number of cyberattacks targeting retail websites. Right after stay-at-home orders, the web traffic to retail websites increased by 28%, in comparison to the 2019 holiday shopping season.
- More than 30% of cyber attacks originated from the USA, with Ukraine and Russia combined accounting for 27%.
- Around 98% of attacks on online retailers were automated bots found to be targeting websites, mobile apps, and APIs.
The sudden digitization and lack of adequate security are making the retail sector more vulnerable than ever before. Thus, experts suggest monitoring POS systems to check for breaches, educating employees about cybersecurity, testing company email systems for malware, and encrypting any essential data to keep it safe.