Black Friday and Cyber Monday play critical roles in the sales and viability of both online and brick-and-mortar retailers.
According to Adobe Analytics, in 2018, Black Friday recorded over $6 billion in online sales, and Cyber Monday nearly $8 billion. The National Retail Federation (NRF) estimates that 30% of annual retail sales occur between Black Friday and Christmas, making the holiday shopping season a critical time for retailers.
Cybercriminals are well aware of this annual global shopping spree and, by their nature, follow the money. They plan in advance what they can skim, steal, or seize control of for a well-timed ransomware payout. Organized retail crime is a significant problem and is reported to cost retailers $30 billion each year through stolen credit card data and other assets.
Here are some steps that retailers can take to protect themselves this season:
1. Practice digital hygiene. With so many attacks facilitated by human error or misconfigurations, keep systems up to date and train employees on how to keep things that way.
2. Improve employee preparedness. In addition to awareness training, make sure employees have a safe way to test links and attachments before opening them. Also, require multiple levels of authentication before approving money, payments, or transfer requests.
3. Segment your networks. Make sure that only the right devices are on the right network segments. Continuous visibility into new devices joining the network, and into exposed credentials that create attack paths, is invaluable for denying attackers easy network access.
4. Don’t store more data than you need to. In the unfortunate event attackers access and steal databases, they should not have access to extra data like three- or four-digit card verification values (CVVs) or PINs.
5. If free WiFi access is provided, take precautions to detect man-in-the-middle attacks or users attempting to download malware onto devices.
6. Update and test out incident response playbooks. A dry run can be invaluable.
7. Have policies on ransomware and whether you will pay. Testing how quickly you can restore operations is useful for setting employee and customer expectations. Ransomware attacks on retailers doubled from 2017 to 2018, and per SonicWall, on Cyber Monday 2018 the US experienced a 432% year-on-year increase in ransomware attacks.
8. Prepare for digital skimmers. Implement end-to-end encryption of card data to mitigate the risk, and review and harden your mobile apps.
9. Do not ignore the physical aspects of a breach. The quickest way to access a network is by visiting the premises and connecting directly. This applies to kiosks and self-checkout terminals, too.
10. Have reliable detection mechanisms for all attack methods and environments. Solutions that require logs or behavioral trending may not prove effective for quick detection. Deception technology, however, will play a powerful role in quickly alerting based on attacker engagement, policy violations, or unauthorized Active Directory (AD) queries.
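As an added illustration of point 10 (not code from the original post or from Attivo Networks), the following Python sketch shows the two alerting signals mentioned there, decoy engagement and policy-violating Active Directory queries, applied to constructed key=value log lines. The log format, the decoy account names and the allowlisted admin host are all assumptions made for the example.

```python
# Constructed sample log lines in an assumed key=value format (not any real product's format).
SAMPLE_LOG = """\
2018-11-26T09:14:02Z src=10.0.12.34 user=jdoe event=ldap_search base=DC=corp,DC=example filter=(sAMAccountName=jdoe)
2018-11-26T09:14:07Z src=10.0.12.34 user=jdoe event=ldap_search base=DC=corp,DC=example filter=(servicePrincipalName=*)
2018-11-26T09:15:11Z src=10.0.12.34 user=jdoe event=logon_attempt target=svc-backup-decoy
2018-11-26T09:20:45Z src=10.0.0.5 user=adadmin event=ldap_search base=DC=corp,DC=example filter=(servicePrincipalName=*)
"""

# Hypothetical decoy (deception) accounts: no legitimate process ever touches them,
# so any reference to one is a high-confidence alert.
DECOY_ACCOUNTS = {"svc-backup-decoy", "fin-share-decoy"}
# Hypothetical allowlist of admin workstations permitted to run broad directory queries.
ADMIN_HOSTS = {"10.0.0.5"}


def parse_line(line: str) -> dict:
    """Split 'timestamp key=value key=value ...' into a dict; values may contain '='."""
    ts, rest = line.split(" ", 1)
    fields = dict(kv.split("=", 1) for kv in rest.split(" "))
    fields["ts"] = ts
    return fields


def classify(event: dict):
    """Return (severity, reason) when an event should alert, else None."""
    target = event.get("target", "")
    ldap_filter = event.get("filter", "")
    # Rule 1: engagement with a decoy object, by logon or by query.
    if target in DECOY_ACCOUNTS or any(d in ldap_filter for d in DECOY_ACCOUNTS):
        return ("high", f"decoy object touched: {target or ldap_filter}")
    # Rule 2: wildcard enumeration of the directory from a host outside the admin allowlist.
    if event.get("event") == "ldap_search" and "=*)" in ldap_filter and event["src"] not in ADMIN_HOSTS:
        return ("medium", f"wildcard AD enumeration from non-admin host {event['src']}")
    return None


def detect(log_text: str) -> list:
    """Run both rules over every log line and return the resulting alerts in order."""
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ev = parse_line(line)
        hit = classify(ev)
        if hit:
            alerts.append({"ts": ev["ts"], "src": ev["src"], "user": ev["user"],
                           "severity": hit[0], "reason": hit[1]})
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```

In the sample, the self-lookup and the admin host's query produce nothing, while the wildcard query and the decoy logon from the workstation each raise an alert.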
Author: Carolyn Crandall, Chief Deception Officer and CMO at Attivo Networks