Data breaches are becoming more prevalent these days, and the retail sector is definitely seeing its share of attacks. Most recently, a historic data breach impacted up to 1.85 million ‘The Good Guys’ customers.

IBM recently revealed its ‘X-Force Threat Intelligence Index 2023’ report. According to the 2023 report, the deployment of backdoors, which allow remote access to systems, emerged as the top action by attackers last year. 

“The retail and wholesale industry was the fifth-most targeted industry, accounting for 8.7% of all attacks among the top 10 industries, up from 7.3% in 2021,” Luq Niazi, Global Managing Partner, Industries at IBM, told Inside Retail.

Phishing on the rise

He went on to say that one of the most concerning aspects of the report is the prevalence of spear phishing emails with a malicious link as an initial access vector for attacks on the retail industry, accounting for 33 per cent of all attacks. 

“This highlights the need for improved employee training and cybersecurity awareness in the industry. The top impacts of these attacks were extortion (50 per cent), credential harvesting (25 per cent), and financial loss (25 per cent).

Niazi feels that given the significant amount of sensitive information and financial transactions involved in the retail industry, it’s not surprising that it’s an attractive target for cyber attackers.

Being proactive

According to him, for retailers and wholesalers, the speed of their response time to a cyberattack can mean the difference between minimal impact on their supply chain and significant disruption. 

“With a complex network of suppliers and partners, a breach in security can quickly spread and cause harm to the entire system. Retailers must rapidly respond to a cyberattack to protect their customers’ sensitive information and financial data,” he explained.

He is of the opinion that retailers and wholesalers can invest in endpoint or extended detection and response technologies that can detect potential threats and stop them in their tracks before they cause any significant harm.

The state of affairs

Niazi feels that cybercriminals are becoming more sophisticated, and their methods for tricking users into clicking malicious links are evolving.

“In these attacks, for example, a cybercriminal may intercept an ongoing email thread between a retailer and a supplier, and then inject a message containing a phishing link that appears to be from the supplier,” he added.

In this case, the retailer may be more likely to click on the link because it appears to be part of a legitimate conversation, which could result in a data breach, financial loss, or other serious consequences. 

Remaining vigilant

At the end of the day, Niazi feels retailers, brands, and marketers need to embrace a new mindset that prioritises cybersecurity and risk management. 

“Rather than thinking of cybersecurity as an afterthought or something that can be dealt with after a breach occurs, businesses should adopt a proactive approach that focuses on prevention and mitigation,” he opined.

He reiterated that one key mindset change that businesses should embrace is a shift towards a “security-first” culture. This means that cybersecurity should be integrated into all aspects of a business, from product design to marketing strategies. 

How to prevent attacks

Niazi feels that retailers can take several steps to prevent cyberattacks and protect their sensitive data and networks. The first step is to implement a zero-trust strategy, as phishing attacks with malicious links remain the most common in the retail sector.

“Retailers should implement strong multi-factor authentication (MFA) to prevent unauthorised access and limit the impact of a potential attack,” he said.

Additionally, he feels that retailers should regularly monitor their systems, restrict access to servers and applications to the minimum required for users to carry out their jobs.

Moreover, retailers should have network designs that can contain the impact of a breach and be confined to a specific region.

AI-infused attacks

Beyond more traditional cyber attacks, Niazi believes that businesses should be ready for the potential of AI-powered attacks becoming more common in future. Cybercriminals are increasingly using AI to identify vulnerabilities in systems, automate attacks, and create phishing scams that appear more realistic.

“This is a concerning trend because it means that attacks can happen faster and with greater precision, making it more difficult for businesses to detect and respond to them,” he observed.

Moreover, supply chain attacks are also a growing concern for businesses in the retail industry. Cybercriminals are targeting third-party vendors and suppliers to gain access to the networks of larger organisations. 

“These attacks can be difficult to detect and can lead to large-scale breaches. To protect themselves against these and other emerging threats, businesses in the retail industry should invest in robust cybersecurity systems and protocols,” he concluded.