Retail industry the next cyber-crime target
New research has emerged that shows the number of cyber-attacks against retail businesses doubling in the past year. Breaches involving the loss of client information or the leaking of information has risen 38% from last year.
British Airways, Wonga, Sports Direct and Tesco are just some of the firms affected by this increasing focus of cyber-criminals on the retail industry. With the increasing online technology, such as online shopping, loyalty programmes and electronic recipes, the shops are becoming a goldmine for online thieves looking to leverage stolen data for a quick buck.
Wonga, the payday lender was hit by a large-scale attack in April when they admitted around 250,000 customers could have had their names, address, bank accounts and sort codes stolen in this illegal and unauthorised access.
Last year, Tesco Bank suffered a similar fate when one in three customers had their data compromised. The Tesco attack is being believed to be one of the biggest cyber-attacks on a British bank to date with 40,000 accounts compromised and 20,000 account with monies stolen.
With external factors, such as rising minimum wages, rate increases and exchange rate falls, overhauling cybersecurity has become a low priority for some retailers.
Retailers spend on average one third of company spending on cyber security, compared to administration, real estate and other industries. This could explain the huge rise in attacks.
Retailers need to seriously look at the amount they are spending on their security. It dosen’t need to cost the earth but modern security technologies need to be utilised to build a secure retail network. Below are some primary challenges retailers face with their security, and how to overcome them,
1. Not being able to keep up with today’s intelligent attacks.
Many of today’s attacks happen with a layer of techniques deployed to infiltrate the network on different layers. The best approach to eradicate this threat is Unified Threat Management which combines complex tasks into a single device which defends on every networking layer on a system making protection more complete and affordable.
2. Threats not being blocked at the perimeter.
If a system has an advanced enough anti-virus/anti-malware, there is a chance the programme will stop an attack in the network, but this is a risky game. Encrypted traffic often goes hidden inside files and applications, Deep Packet Inspection is needed to inspect encrypted traffic (HTTPS) before it gets on the network.
3. Overly complex networks.
Too many appliances from too many vendors leads to too much installing, management and maintenance. Modern appliances offer many extensions that integrate and provide a seamless, ease-of-use interface. Retailers often have multiple locations and centralised systems can cut costs and make life easier and more secure.
4. Unknown devices.
With work devices, BYOD and personal devices, there can be a lot of apps vulnerable to cyber-criminals. Choosing a firewall with advanced capabilities can allow for the quarantine of guest and employee devices lacking current protection.
5. Unplanned disruptions.
No-one can plan for everything, retail businesses are everyday at risk of fires, power outages equipment failure and lost devices. To become invincible against these kind unexpected situations, a back-up plan that can restore everything from an individual file to the whole network will give your retail business resilience.
Retail networks can be complex and when business is booming, looking after the security of it can take a back seat. While complex systems can be an excuse of why you haven’t upgraded your security, the same excuse is used for cyber-criminals whop see these complex systems as an easy, and now very popular, target.