Ransomware in retail is arguably the closest the public gets to seeing the devastation of cyberattacks. One day everything at the local grocery store is normal; the next, it can’t process card payments, restock shelves or perform even the simplest of automated tasks. One week, children are enjoying their favorite snacks; the next, the products are nowhere to be found on the shelves. One can only imagine the loss should a ransomware attack last for a prolonged period.
The retail industry’s growing dependence on data and connectivity makes it a lucrative target for cybercriminals. When held to ransom by cybercriminals, the loss of business, customer loyalty, and even livelihoods become a real possibility.
Thousands of Entry Points Demand a Zero-Trust Approach
Since retail networks are highly connected both internally and with their suppliers, an attack can start from a poorly protected endpoint, point-of-sale (POS) system or any one of thousands of connected things along their supply chain. It’s therefore essential for retailers to take a holistic view of their business and be aware of all entry routes as they consider how to best to thwart cyberattacks.
As retailers experience a sharp increase in the amount of data they’re using, they’re also seeing a growing number of endpoints benefitting shoppers’ experiences, such as smartphone apps, kiosks and more, all of which add to a growing attack surface.
It’s not only the customer-facing tech which are vulnerable. The Internet of Things-enabled warehouse, supply chain software, connected partners, or even the electric delivery van are all possible entry points for an attack. In fact, the software supply chain has been increasingly used as an attack vector across industries in recent years because the potential impact and spread of a supply chain attack can be far greater than targeting an individual victim.
With so many potential ways to start an attack, it becomes a cybercriminal’s playground. To address this, retailers need to implement a zero trust architecture which trusts nothing and continuously verifies everything. In addition, this hypergrowth of connections and data suggests strongly that artificial intelligence (AI) be used as a core tenant of zero trust to sift through the mountains of information that come with it to predict and prevent attacks with a high degree of accuracy.
Don’t Be a Victim: Revise the Attackers’ Handbook for Retail Ransomware
Retail cyber teams must be on the lookout and prepare for new crime techniques deployed specifically for their environment.
Retail POS systems continue to be a lucrative target as cardholder data flows between consumers and retailers. Access to such data should therefore be tied to job functions like managers. Equally, all endpoints through which it could be accessed should be carefully planned and monitored from a single console, helping to avoid vulnerabilities posed by gaps in responsibility and ownership.
Next, it’s vital to check all system layers for hidden malware. Ideally, a team would do this on a regular basis. Without these checks, some breaches could go unnoticed for months, hidden amid the multitude of layers of retail software used by any one organization. During that time, hackers can quietly move around the network exploring the systems and set up tactics to engineer the most effective ransomware attack possible.
Organizations should deploy an in-depth approach to cybersecurity technologies to ensure no layer of the system goes unchecked. Ordinarily, this might take weeks or months, but with AI, machine learning (ML) and, when needed, the assistance of an outsourced managed services team, the job can be done in a fraction of the time. By sweeping the environment regularly, teams can detect any deviations from the norm faster. Meanwhile, if a dormant threat is found, incident response teams can stop executions before they strike. This wealth of experience allows retailers to focus on key security initiatives, rather than spending time and valuable resources recovering from breaches or triaging endless alerts.
Pre-Empt, Prevent, Protect
As retail environments transform from traditional storefronts to robust digital businesses, this famously diverse industry is united in its vulnerability to modern threats.
To protect our stores and favorite snacks from attacks, it’s essential to protect the integrity of transactions, customers’ data, and retail networks with an AI-based zero trust architecture along with robust security practices. The scourge of ransomware in retail can be set right — but it will take the whole industry working together using contemporary approaches with an eye towards preventing attacks before they gain traction.
Gary Davis is the senior director of marketing strategy and communications at BlackBerry, a company that provides enterprises and governments with the software and services they need to secure the Internet of Things.