Retailers top target for ransomware attacks during pandemic
Besides dealing with the pandemic last year, the retail sector also became the top target for ransomware and data-theft extortion attacks.
According to the Sophos State of Ransomware in Retail report, retail organisations became a prime target for ransomware during the Covid-19 pandemic, when many retailers started trading online for the first time simply in order to survive, while others saw a huge increase in their web traffic and online transactions.
“The retail sector has always been an attractive target for cyberattacks with its complex, distributed IT environments including a multitude of connected point-of-sale devices, a relatively transient and non-technical workforce, and access to a wide range of personal and financial customer data,” says Chester Wisniewski, principal research scientist at Sophos.
“The impact of the pandemic introduced additional security challenges that cybercriminals were quick to exploit.”
Indeed, the survey finds that retail organisations were particularly vulnerable to a small but growing new trend: extortion-only attacks, where the ransomware operators don’t encrypt files but threaten to leak stolen information online if a ransom demand isn’t paid. More than one in 10 (12 per cent) retail ransomware victims experienced this, nearly double the cross-sector average of seven per cent. Only central government, at 13 per cent, was more affected.
Retail, together with education, faced the highest level of ransomware attacks during 2020, with 44 per cent of organisations hit (compared to 37 per cent across all industry sectors), while over half (54 per cent) of the retail organisations hit by ransomware said the attackers had succeeded in encrypting their data. A third (32 per cent) of those whose data was encrypted paid the ransom.
“The comparatively high percentage of targets hit with data-theft based extortion attacks is not entirely surprising. Service industries such as retail hold information that is often subject to strict data protection laws and attackers are only too willing to exploit a victim’s fear of fallout from a data breach in terms of fines and damage to brand reputation, sales and customer trust,” explains Wisniewski.
“It’s not all bad news for retail IT managers, however. While enabling, managing and securing IT during the pandemic increased the overall IT workload for three quarters of retailers, the sector was also the most likely (at 77 per cent) to see a positive return in terms of enhanced cybersecurity skills and knowledge.
“To secure retail IT networks against ransomware and other cyberattacks, we advise IT teams to focus resources on three critical areas: building stronger defences against cyber threats, introducing security skills training for users including part-time and temporary staff, and, where possible, investing in more resilient infrastructure.”