The holiday shopping season is a busy one for retailers. Black Friday has already broken records with over $9.1 billion in sales, and Cyber Monday is likely to follow suit. The holiday shopping period will continue throughout the month of December and is often a prime season for hackers and malicious attackers trying to catch unprepared retailers online and offline.
Over the months of November and December, ransomware attacks have increased 70% compared to January and February, and the Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) expects phishing, credential harvesting, fraud, and malware to increase over the holiday shopping period.
We’ve put together a list of attacks retailers need to be aware of as well as some key advice on how organizations can protect themselves.
Here is a list of common threats retailers need to be aware of during this holiday shopping season:
Malicious hackers, taking advantage of the increased online shopping activity, might amp up their website attack efforts. This might include Magecart attacks, which originally referred to Magento compromises, but now more broadly include attacks that exploit commonly used third-party website services (like Shopify or Squarespace). These kinds of attacks can be used to steal customer information and often skim credit card details or personal information that can be used in future attacks.
If a hacker wants to specifically target and damage a company, they may also leverage DDoS attacks to take down the site or slow it down enough that it’s unable to handle the increase in legitimate purchase orders. While DDoS attacks are simple to recover from compared to more sophisticated attacks, downtime during this crucial time can result in a major loss in revenue.
Card-not-present (CNP) fraud refers to fraudulent purchases made with stolen credit cards (often stolen via the above attacks). Losses as a result of CNP fraud are expected to surpass $10B by 2024. Malicious hackers also engage in various kinds of eCommerce fraud, including chargeback fraud, where purchases are refunded via credit card companies, and refund fraud, where purchases made on a stolen card are refunded to a separate credit card.
These attacks can be deployed at any time but opportunistic attackers are likely to increase the prevalence of the attacks knowing resources are tight at this time.
This year has been one where the supply chain has been most scrutinized. Geopolitical and socioeconomic factors alongside the pandemic have impacted many industries via a lagging supply chain that’s slowing down order fulfillment and product assembly, ultimately affecting customer satisfaction.
If retailers aren’t prepared, bad actors might try and attack a physical or digital supply chain partner to impede a retailer’s ability to serve their customers during the holiday period. For example, an attacker might target a shipping partner, a payment processing partner, or a fulfillment partner. By targeting the supply chain, attackers may be able to wreak havoc on dozens of companies at once.
Retailers with physical stores may be susceptible to physical card skimming attacks, which are designed to steal customers’ credit card data by compromising the credit card payment processing device, usually via malware. As beacons and IoT technology are increasingly used by retailers, they need to be accounted for as part of an overall cybersecurity strategy.
These additional endpoints only increase a retailer’s attack surface and may be compromised if the right security isn’t in place. Savvy attackers can also compromise Bluetooth-enabled devices to reach in-store customers who might have their Bluetooth on, exposing their device and personal information.
These risks, in addition to the year-round risks all companies face, might seem insurmountable, but retailers can adopt a few key strategies to better protect themselves and manage their risk. These include:
Many attacks like Magecart, payment skimming, and malware-based attacks usually work in tandem with a vulnerability exploit — often the first point of entry. However, by having an effective vulnerability and patch management strategy, you can vastly reduce the exploits that can be used against you. A general rule of thumb is to have all your software, apps, devices, and systems updated at all times, and have a system in place to account for more involved updates that might bring down certain services.
Effective third-party and supply chain risk management is a lofty task but it often starts with communication. You should be in constant communication with your most critical suppliers and infrastructure providers and you should work towards having an ongoing assessment and monitoring of your supply chain partners’ security posture.
Understanding what they’re capable of managing, what they’re susceptible to, and how a potential attack might put you at risk can help you prioritize your cybersecurity department’s tasks to shore up gaps and minimize supply chain risk.
During this elevated period of risk, you should also work closely with them to ensure they’re equipped to deal with risks associated with the holiday shopping period and have communication and contingency plans in case of a compromise. This will allow you to recover quickly and reduce the downtime that might occur as a result of a supply chain attack.
Physical retailers often do this, and for good reason. In the same way that stores hire seasonal workers to handle an increase in shopping activity, you might want to look for ways to supplement your cybersecurity department and additional departments. This might include outsourcing detection and monitoring capabilities, increasing your customer support departments to reduce the risk of fraudulent orders, and expanding your IT department to handle any issues related to your website.
If you think your department doesn’t have the capabilities or resources to manage this elevation in risk, consider working with a comprehensive cybersecurity partner. Managed Detection and Response (MDR) services can help an organization achieve a more resilient, comprehensive cybersecurity state.
These outsourced cybersecurity partners act as a fully equipped cybersecurity department that provides 24/7 monitoring, detection, and response capabilities and has the knowledge and expertise required to proactively handle and manage new threats and an increase in attacks during key periods like the holiday shopping season. By leveraging expert intelligence, automated remediation, and advanced threat hunting capabilities, your existing cybersecurity and IT department can save time and focus on more important responsibilities that often arise at this time.
Josue Ledesma is a writer, filmmaker, and content marketer living in New York City. He covers cyber security, tech and finance, consumer privacy, and B2B digital marketing.
June 02, 2023