The Trustwave report this year highlights the escalating cyber threats targeting the retail sector, particularly e-commerce platforms, alongside an increase in fraud against retailers. This report marks the second year of meticulous research by Trustwave SpiderLabs into these pressing security issues. It identifies significant trends that are currently affecting the retail industry, including the rise of ransomware, changing compliance requirements, and the surge in e-commerce activities. Trustwave SpiderLabs provides a comprehensive overview of threat actor techniques at different stages of an attack and offers practical intelligence to help mitigate these risks.
2024 Trustwave Research Series
The 2024 research series from Trustwave delves into key areas of concern for the retail sector. These include the “Trustwave Risk Radar Report: Retail Sector,” “Retail Deep Dive: Rise of E-Commerce Threats,” and “Retail Deep Dive: Fraud Targeting Retailers.” These extensive reports reveal essential findings, such as the fact that 58% of cyber attacks originate from phishing, a staggering 47% of stolen user sessions involve Amazon domains, and alarmingly, 92% of credential access techniques are brute-force attempts. Additionally, the reports show that 15% of ransomware attacks were executed by the Play and LockBit groups, with 62% of those attacks targeting the US and 16% specifically aimed at food and beverage retailers.
Rise of Phishing and Credential Theft
Phishing continues to be a prevalent method employed by cybercriminals, with 58% of attacks in the retail sector originating from such schemes. These attacks often involve deceiving individuals into revealing personal information, such as login credentials or credit card numbers, which are then used maliciously. The report highlights a worrying trend wherein 47% of stolen user sessions involve Amazon domains. This indicates a targeted approach by threat actors to exploit the popularity and trust associated with major e-commerce platforms. Additionally, it is noted that 92% of credential access techniques are brute-force attempts, where attackers use automated methods to guess passwords until they gain access. This underscores the pressing need for robust authentication mechanisms.
Ransomware and Its Impacts
Ransomware is another significant threat identified in the report, with 15% of ransomware attacks in the retail sector being carried out by notorious groups like Play and LockBit. These attacks have predominantly targeted the US, which accounts for 62% of incidents, and 16% were specifically aimed at food and beverage retailers. The impact of ransomware attacks can be devastating, leading to operational disruptions, financial losses, and reputational damage. Trustwave emphasizes the critical importance of having an incident response plan in place, as well as investing in cybersecurity infrastructure to safeguard against such attacks. The holiday season, in particular, poses increased risks as cybercriminals tend to exploit high-traffic periods.
Cybersecurity Challenges in Retail
Trustwave emphasizes that cybersecurity in the retail sector presents unique challenges owing to the complex IT environments retailers operate within. These environments often span in-store systems, online platforms, and extensive supply chains. Retailers are also uniquely vulnerable to threats stemming from seasonal fluctuations, third-party dependencies, physical security risks, and franchise models. These factors contribute to a multifaceted threat landscape that requires a nuanced approach to cybersecurity. Trustwave’s CISO Kory Daniels underscores the severe financial and trust impacts a single security incident can cause, especially during critical periods like the holiday season. This scenario necessitates the implementation of robust cybersecurity measures to ensure sustainable business operations.
The Complexity of Retail IT Environments
Retail IT environments are inherently complex, integrating various systems from in-store point-of-sale terminals to expansive e-commerce platforms. This complexity is further compounded by supply chains that involve multiple third-party vendors with varying levels of security measures. Seasonal fluctuations, such as those seen during holiday shopping periods, add another layer of vulnerability as retailers ramp up processing capabilities to manage increased traffic. This often means temporarily relaxing certain security protocols, which can open windows of opportunity for cybercriminals. Ensuring that all aspects of the retail IT environment are fortified against potential cyber threats is a monumental task requiring constant vigilance and adaptation.
Seasonal and Third-Party Risks
The latest Trustwave report sheds light on the growing cyber threats that are increasingly targeting the retail sector, with a particular focus on e-commerce platforms. This comprehensive analysis reveals a rising trend in fraudulent activities targeting retailers. Now in its second year, this detailed research by Trustwave SpiderLabs emphasizes key issues currently plaguing the retail industry, including a notable increase in ransomware attacks, evolving compliance requirements, and a significant boost in e-commerce operations.
Trustwave SpiderLabs delves deep into the strategies used by threat actors at various stages of their attacks, offering valuable insights and practical intelligence to help combat and mitigate these risks. The report underscores the necessity for retailers to fortify their defenses and stay ahead of evolving threats. Moreover, it highlights the importance of understanding these emerging security challenges to develop more robust protective measures.
Trustwave’s findings serve as a crucial resource for retailers seeking to navigate the complexities of cybersecurity, providing both an overview of the threats and actionable steps to defend against them.