Are Retailers Prepared for a Surge in Holiday Cyberattacks?

November 1, 2024

As the festive season approaches, retailers are bracing for a potential tsunami of cyberattacks, with cybersecurity experts warning of an alarming rise in threat activity. The 2024 Retail Risk Report by Trustwave has highlighted a significant surge in cyberattacks against retailers, particularly during the winter holidays when consumer spending reaches its peak. The report indicates that phishing remains the leading method employed by cybercriminals, responsible for 58% of incidents. Phishing attacks often deceive employees and customers into revealing sensitive information by appearing as legitimate communications. Alongside phishing, other common methods of attack include the abuse of valid accounts and exploiting known vulnerabilities within systems.

An astonishing 90% of credential access attempts are facilitated through automated brute-force attacks, where attackers use software to rapidly test various password combinations. Moreover, ransomware continues to be a substantial threat, especially in the United States, which experienced 62% of all ransomware attacks. Although the notorious Lockbit gang’s percentage of attacks has decreased from 34% to 15%, the overall number of ransomware incidents is on the rise. This suggests that other cybercriminal groups are stepping in to fill the void, leading to an increasing frequency of these malicious campaigns.

The Impact of Cyberattacks on the Retail Sector

As the holiday season nears, retailers are gearing up for a possible surge in cyberattacks, with cybersecurity experts cautioning about a marked increase in threat activity. The 2024 Retail Risk Report by Trustwave highlights a notable rise in cyberattacks targeting retailers, especially during the winter holidays when consumer spending peaks. Phishing remains the top tactic used by cybercriminals, accounting for 58% of incidents. These phishing attacks often trick employees and customers into divulging sensitive information by mimicking legitimate communications. Besides phishing, other prevalent attack methods include the misuse of valid accounts and exploiting known system vulnerabilities.

A staggering 90% of credential access attempts are driven by automated brute-force attacks, where attackers employ software to swiftly test various password combinations. Additionally, ransomware remains a significant threat, notably in the United States, which faced 62% of all ransomware attacks. Although the infamy of the Lockbit gang has diminished, dropping from 34% to 15%, the total number of ransomware incidents is climbing. This indicates that other cybercriminal groups are filling the gap, resulting in an increased frequency of these harmful campaigns.

Subscribe to our weekly news digest.

Join now and become a part of our fast-growing community.

Invalid Email Address
Thanks for Subscribing!
We'll be sending you our best soon!
Something went wrong, please try again later