Shopping online, running down to the grocery store, or buying a new pair of shoes are small activities that we rarely consider dangerous. But cybercriminals actively target the retail industry, eager to steal customer data or your payment details.
The retail sector is a lucrative target for cybercriminals, with the global market size expected to reach 7.4 trillion dollars by 2025. The Intel 471 whitepaper analyzed a range of attack vectors and threats currently affecting the retail industry, giving their predictions as to what the sector can expect in the future.
Ransomware and supply chain attacks persist
The first persistent threat to the retail industry is ransomware attacks. Their impact on e-commerce operations can result in huge financial and reputational losses. Considering that threat actors might release sensitive customer data upon unsuccessful ransom negotiations, such attacks could lead to long-term distrust among consumers.
In the assessed period between Jan. 1, 2021, to Nov. 10, 2021, Intel 471 recorded 140 ransomware-associated attacks on the retail industry. The top five ransomware variants were Conti, Lockbit 2.0., Avaddon, DarkSide, and Grief respectively. Some of the initial access vectors included the “exploitation of public-facing applications, external remote services, and valid accounts.”
Intel 471 also identified a growing relationship between ransomware operators and sellers of compromised data, which provides additional shortcuts for benefiting from access to customer information and corporate networks.
Supply chain and third-party services attacks were also actively exploited by malicious hackers in 2021. As such companies usually store customer payment details and do not follow the same security protocols as retail organizations, they remain easier targets. A retail company may suffer monetary losses even if it’s not directly involved in the incident, as in the case of third-party services breaches.
Using digital payments? Threat actors do so, as well
Customers love effortless shopping from the comfort of their homes, incentivizing threat actors to create sophisticated tactics to defraud consumers. Payment fraud is not new and is definitely not exclusive to the retail industry. However, it’s used quite often due to time-proven techniques utilized by cybercriminals. Digital skimming malware is commonly used as it can be deployed against the entire e-commerce platform by injecting malicious code into the checkout page.
Point-of-sale malware is another tool that threat actors have up their sleeves to obtain payment information and customer data. By exploiting PoS systems used by companies to process online transactions, cybercriminals can steal information with almost no physical effort since many types of such malware operate as data sniffers. Such malware obtains card data that can be furtherly used by threat actors.
A gift with a surprise
Gift cards and reward fraud remain common in the retail industry. The report considers them to be “low-effort” tools popular with cybercriminals thanks to how widespread gift cards are and how easy it is to trade them online.
Such cards allow for some degree of anonymity, as they are difficult to track due to the lack of associated PII. Additionally, gift card transactions and reward redemptions do not need to be logged, allowing cybercriminals to cash out easier.
Threat actors also targeted reward program accounts to obtain and sell gift cards, which could be furtherly used in the retail industry.
Intel 471 expects the number of attacks targeting the retail industry to increase exponentially as the opportunities to exploit e-commerce activity rise.
More from Cybernews:
Subscribe to our newsletter