Be Prepared for These Retail Cybercrime Trends in 2017
It wasn’t that long ago that the retail industry received the biggest cybersecurity gut punch it’s had in recent memory. Over the past few years, we’ve seen retailers begin implementing credit card chip technology and other security measures in an effort to protect consumers’ payment data and their brands’ reputations.
However, as technology and security measures evolve, so do attacks. This year is shaping up to deliver a new breed of threats as cybercriminals evolve their tactics to not only steal money and data from consumers, but now the retailers themselves. Of course, awareness is the first step to prevention, so with that in mind, here are three cybercrime trends to expect in the new year:
1. Point-of-sale (POS) attacks will continue to decrease, but will not go extinct. The SonicWall Global Response Intelligence Defense (GRID) Threat Network has seen the number of new POS-related malware families fall from 14 in 2014 to only one in 2016. Despite this testament to the efficacy of chip systems, many retailers still haven’t enabled chip technology. Merchants will need to activate their chip scanners consistently to keep the POS malware trend on the decline.
2. Ransomware and other advanced threats will target retailers. Advanced threats including ransomware are rapidly becoming attackers’ cybercrime of choice as they're easier to engineer and distribute than POS malware and can target individuals, businesses and retailers alike. According to our GRID Threat Network, we’ve seen a massive increase from 4 million detected attacks in 2015 to 500 million in 2016.
Ransomware typically gains access to a network when an employee visits a compromised site or downloads a compromised file via email. It then takes down the retailer’s website and holds it “hostage” until a fee is paid. Most cybercriminals use military-grade encryption, so even large organizations may be susceptible to these attacks. With more small and midsized retailers to hit and a better chance of success, we can expect these groups to fall victim more often.
3. Distributed Denial of Service attacks will grow. Distributed Denial of Service (DDOS) attacks have been around for years, primarily targeting financial and government institutions. However, these attacks are evolving to target the infrastructure of the internet itself, most recently by leveraging the security gaps present in IoT devices. For instance, a growth in unsecured IoT devices led to the massive Mirai malware botnet attacks in October. These DDOS attacks infiltrated IoT systems to crash popular sites, including Reddit, Amazon.com and PayPal.
This type of attack can be especially costly for businesses that process a significant number of transactions online. Cyber thieves may accompany the attack with a ransom note, implying the motivation is a payout. However, this may also be a clever diversion while the cyber thief launches less obvious attacks, such as data exfiltration.
How to Protect Your Business From Advanced Threats
The good news is that retailers aren’t helpless. To protect against these types of attacks, it’s important to have three things: A multilayered approach as your first line of defense; a firewall with intrusion prevention to limit attackers from identifying weak points in the network; and next-generation sandbox analytics to identify zero-day threats. Unlike the more common single-engine sandbox approach which leaves security blind spots, a multiengine sandbox makes it easy to identify attacks that have penetrated the network. Finally, cloud-based solutions which share attack data with global firewall networks substantially reduces the shelf life of malware.
As with so many things in life, communication is key. While retailers may not want to admit they’ve become the victim of a cyberattack, sharing attack information with others in the industry will ultimately give companies the power to keep 2017 from becoming another notable cybercrime year.