Retailers reported a 75% increase in the rate of ransomware attacks over the last year, according to the State of Ransomware in Retail 2022 report by Sophos. The report found that 77% of retail organisations were hit in 2021, up from 44% in 2020.
And only 28% of retail respondents said they were able to stop an attack before attackers encrypted their data, which is below the global average of 31%. The average recovery cost from a ransomware attack in the retail sector was US$1.27 million, and the average ransom payment was US$226,044.
Retailers are a high-value target for attackers because downtime for them is incredibly damaging, and they are more inclined to pay—and pay quickly—if an attack brings down their systems and halts sales. This is particularly true during the holidays, a crucial sales season for most retailers. Attackers also target retailers to get their hands on customer payment details and other personal data, which they use to commit purchase fraud and identity theft or sell to scammers on the dark web.
With ransomware attacks on the rise and their impact growing more severe, retailers must take steps to ensure they can respond swiftly and effectively to an attack to limit the damage. Here are three ways retailers can better repel bad actors and enjoy a happy holiday season.
1. Practise good cyber hygiene
Retailers should expect to be targeted in an attack and prepare for it by maintaining good cyber hygiene. Good cyber hygiene requires ongoing effort. There should be a program that continuously reminds retail employees of strong security practices, coupled with monitoring of the operating systems and other software to ensure they’re regularly updated and patched. Retailers need to invest in protection with best-in-class security solutions, including firewalls, endpoint security, multi-factor authentication (MFA), and privileged access management (PAM).
Retailers with an effective backup and recovery plan in good working order are less likely to suffer significant damage and data loss from an attack. A solid plan includes regular testing of their backup images so they can identify and fix any issues before they cause problems.
2. Consider cyber insurance
Cyber insurance offers to compensate policyholders for losses and penalties caused by cyberattacks. In today’s environment, it’s a must-have for businesses. The average cost of a data breach in 2021 was over US$4 million, according to a report by IBM and the Ponemon Institute, which is a cost many businesses can’t bear.
The Sophos report cited above notes that most retailers are now upgrading their defences with cyber insurance coverage. As cyberattacks are getting so common and costly, insurance providers are cutting back on the number of cyber insurance policies they write and growing more selective about those companies they will insure.
Many companies that can’t get cyber insurance are denied because they don’t meet the ever more stringent requirements. Retailers have a much better chance of getting cyber insurance approved if they meet current requirements, such as having effective cybersecurity measures like a solid data backup and recovery plan. This will help convince insurers that the business is not a bad risk.
Retail organisations should look for a data backup and recovery and immutable storage solution that safeguards information continuously by taking snapshots every 90 seconds. This way, they can still recover their valuable information, even if cybercriminals overwrite the data.
3. Put your trust in zero trust
Retailers have a heavy security burden. Like other businesses, they must protect themselves from internal and external threats. They must ensure their employees follow security protocols and that their customers are real customers, not hackers or fraudsters. At the same time, they must make it easy for shoppers to shop or risk the possibility that they’ll go elsewhere. They also must protect customer data, such as credit card information.
“Zero trust” is an increasingly popular cybersecurity philosophy that can help your retail business handle that burden. It assumes that all users might be up to no good and grants just enough privilege, just in time, for users to perform their tasks and operations—and nothing more. With zero trust, only minimum permissions are granted at the right time to get a job done. You can then revoke those permissions immediately after the completed transaction.
Zero trust also works for data backup, and implementing it for backup can be accomplished by simply expanding the security measures already in the network. By adding this extra layer of security, retail businesses can minimise damage if a data breach or cyberattack occurs. Even if determined cybercriminals can access your database and get ahold of usernames and passwords, they will likely not be able to penetrate that extra layer of defence.
Retail businesses are now gearing up for the year’s busiest shopping season. Cybercriminals are also gearing up, preparing to launch a wave of attacks that will turn merriment into misery for many companies. For a successful season, retailers must secure their data and safeguard the personal information of their customers.
David Lenz is vice president – Asia Pacific at Arcserve.