3 Minute Read
The holiday shopping season is almost here, and according to the 2024 Trustwave Risk Radar Report: Retail Sector, threat actors have honed their skills and are prepared to use ransomware and phishing attacks that leverage well-known online brands to conduct direct attacks and fraud operations against retailers and consumers. Skills they will then use to infiltrate retail organizations of all types throughout the rest of the year. The report, which follows up on the well-received 2023 Trustwave SpiderLabs’ Threat Briefing and Mitigation Strategies, is the culmination of months of effort by more than 250 Trustwave SpiderLabs cybersecurity experts from across the globe, tasked to research the top threats in today's retail landscape. The report focuses on the unique threats retailers cope with daily, how attackers have tailored their tactics specifically for retail targets, and how the inherent complexity of the retail environment offers an adversary a myriad of potential attack vectors. Most importantly, the report contains mitigations that an organization can take to best protect itself. Some of the report's key findings include: Additional in-depth information on these topics is included in the report. A few salient points noted in the report bring into focus the need for retailers to ensure their security is ready. The average cost of a retail-sector data breach is $3.5 million, but the potential reputational damage to organizations that count on repeat business from brand-loyal customers is potentially catastrophic. Staples, Ace Hardware, and Home Depot were all hit with attacks within the last 12 months. The severity of these attacks was telling, with data on 10,000 Home Depot employees being exposed, Staples and Ace Hardware each having customer PII stolen and systems knocked offline. The report is accompanied by two focused pieces of research. The deep dive into e-commerce threats examines the risks e-commerce platforms encounter and provides mitigation guidance, empowering organizations to keep e-commerce environments and customer data safe. The report covers some common methods threat actors use to gain access, such as buying log stealer results, using web shells, and credential stuffing, along with the different vulnerabilities attackers favor for exploitation. The Fraud Targeting Retailers report looks at how threat actors attempt to convince consumers and employees to voluntarily turn over valuable personally identifiable information (PII) through a massive number of scams that can be almost impossible for the average person to discern as fraud. This information can then be used to further defraud or attack retailers. As noted in earlier Trustwave SpiderLabs’ research reports, seasonality, third-party partners, the franchise model, and protecting brick-and-mortar stores and facilities play a large role in the cybersecurity problems facing any organization, but are particularly a concern for retailers. During high-volume shopping periods, retailers are inundated with orders, transactions, and consumer requests, which strain their security resources, thus opening holes that aggressors can manipulate to their advantage. The report details the threat posed by potentially unsecure third-party partners and how retailers face attacks from two flanks by having to protect their cyber and physical environments. Finally, franchisees often operate semi-autonomously, which can lead to inconsistencies in security practices across different locations, again multiplying the security problem. Knowing and preparing for an attack is only half the battle retailers face. The latter portion is understanding a threat actor’s plan of attack, how they will gain entry and then move once inside, which is critical to halting an incident. In the report, Trustwave SpiderLabs explains the initial access techniques, execution methodologies, how critical credentials are accessed, lateral movement, and how persistence is maintained. Understanding these steps is key for a security team as each can be defended, giving an organization multiple opportunities to mitigate an attack. Trustwave will run three supporting webinars offering a first-hand explanation of all the retail reports by the researchers themselves and an opportunity to ask questions: You can register here for all three webinars. We encourage you to download the 2024 Trustwave Risk Radar Report: Retail Sector along with the deep dives Rise of E-Commerce Threats and Fraud Targeting Retailers. Each resource highlights the escalating cyber threats facing the retail sector, particularly during high-volume shopping periods, like Black Friday and Cyber Monday. With ransomware and phishing attacks becoming increasingly sophisticated, retailers must be vigilant and proactive in their cybersecurity measures. highlight the escalating cyber threats facing the retail sector, particularly during high-volume shopping periods. With ransomware and phishing attacks becoming increasingly sophisticated, retailers must be vigilant and proactive in their cybersecurity measures.
Understanding Retail-Specific Threats
Defining Attack Techniques
Upcoming Webinars
Download the Report