Subscribe

Retail ransomware: Secure defences this festive season

With ransomware attacks on the rise, retailers must ensure they can respond swiftly and effectively if they are to limit the damage.
Byron Horn-Botha
By Byron Horn-Botha, Business unit head, Arcserve Southern Africa.
Johannesburg, 30 Nov 2022

With the explosive growth of online shopping, retailers have become a primary target of cyber criminals. According to the State of Ransomware in Retail 2022 report by Sophos, over the last year, retailers reported a 75% increase in the rate of ransomware attacks.

The survey found that 77% of retail organisations were hit in 2021, up from 44% in 2020. And only 28% of retail respondents said they could stop an attack before attackers encrypted their data, which is below the global average of 31%. The average recovery cost from a ransomware attack in the retail sector was $1.27 million, and the average ransom payment was $226 044.

These are international statistics, but they have immense relevance in South Africa, as we are not immune to these global trends.

Retailers are a high-value target for attackers because downtime for them is incredibly damaging, and they are more inclined to pay − and pay quickly − if an attack brings down their systems and halts sales. It is particularly true during events like Black Friday – a crucial sales period for most retailers.

Attackers also target the sector to acquire customer payment details and other personal data, which they use to commit purchase fraud and identity theft or sell to scammers on the Dark Web.

With ransomware attacks on the rise and their impact growing more severe, retailers must ensure they can respond swiftly and effectively if they are to limit the damage. Here are three ways retailers can better repel bad actors and enjoy a happy holiday season.

Practice good cyber hygiene

Good cyber hygiene requires some ongoing efforts. Have a programme to remind employees of strong security practices continuously. Monitor operating systems and other software to ensure they’re regularly updated and patched.

It will help to protect the network with best-in-class security solutions, including firewalls, endpoint security, multi-factor authentication and privileged access management, to name just some.

Most importantly, implement an effective backup and recovery plan. Retailers with such a plan in good working order are less likely to suffer significant damage and data loss from an attack.

Retailers have a heavy security burden.

A solid plan includes regular testing of backup images so issues can be identified and fixed before they cause problems. Always expect the worst and prepare for it.

Cyber insurance offers to compensate policyholders for losses and penalties caused by cyber attacks. In today’s environment, it’s a must-have for businesses. According to IBM, the global average cost of a data breach in 2022 is $4.34 million – few companies would take such a financial knock without serious impact.

The Sophos report noted that most retailers are upgrading their defences with cyber insurance coverage. But for those that don’t have it yet, it’s getting harder to find.

Cyber attacks are getting so common and costly that insurance companies are starting to baulk. The compensation they have to pay out is higher than the premiums they can charge. So, providers are cutting back on the number of cyber insurance policies they write and growing more selective about the companies they will insure.

Many companies are denied cyber insurance because they don’t meet the increasingly stringent requirements, which include effective cyber security measures, such as a solid data backup and recovery plan.

Having this in place will help to convince insurers the business is not a bad risk.

Retail organisations, like all businesses, should look for a data backup, recovery and immutable storage solution that safeguards information continuously by taking snapshots every 90 seconds. This means information can still be recovered, even if cyber criminals overwrite data.

Put trust in zero trust

Retailers have a heavy security burden. Like other businesses, they must protect themselves from internal and external threats. They must ensure employees follow security protocols and that their customers are real customers, not hackers or fraudsters. At the same time, they must make it easy for shoppers to shop, or risk the possibility that they’ll go elsewhere. They must also protect customer data, such as credit card information.

“Zero trust” is an increasingly popular cyber security philosophy that can help retail businesses handle that burden. The zero trust model assumes all users might be up to no good and grants just enough privilege, just in time, for users to perform their tasks and operations − and nothing more.

With zero trust, only minimum permissions are granted at the right time to get a job done, then can be revoked immediately after the completed transaction.

Zero trust also works for data backup, and the good news is that implementing it for backup can be accomplished by simply expanding the security measures already in the network. By adding this extra layer of security, retail businesses can minimise damage if a data breach or cyber attack occurs.

Even if determined cyber criminals can access the database and get hold of usernames and passwords, they will likely not be able to penetrate that extra layer of defence.

Retail businesses are now gearing up for the year’s busiest shopping season. Unfortunately, cyber criminals are also gearing up, preparing to launch the next wave of attacks. 

Share