Trustwave Corporation

10/29/2024 | Press release | Distributed by Public on 10/29/2024 07:02

Trustwave SpiderLabs 2024 Trustwave Risk Radar Report: Defining the Cyber Assault on the Retail Sector

Trustwave SpiderLabs 2024 Trustwave Risk Radar Report: Defining the Cyber Assault on the Retail Sector

October 29, 20243 Minute Read

The holiday shopping season is almost here, and according to the 2024 Trustwave Risk Radar Report: Retail Sector, threat actors have honed their skills and are prepared to use ransomware and phishing attacks that leverage well-known online brands to conduct direct attacks and fraud operations against retailers and consumers.

Skills they will then use to infiltrate retail organizations of all types throughout the rest of the year.

The report, which follows up on the well-received 2023 Trustwave SpiderLabs' Threat Briefing and Mitigation Strategies, is the culmination of months of effort by more than 250 Trustwave SpiderLabs cybersecurity experts from across the globe, tasked to research the top threats in today's retail landscape. The report focuses on the unique threats retailers cope with daily, how attackers have tailored their tactics specifically for retail targets, and how the inherent complexity of the retail environment offers an adversary a myriad of potential attack vectors.

Most importantly, the report contains mitigations that an organization can take to best protect itself.

Some of the report's key findings include:

  • 58% of attacks originate with a phishing incident
  • 47% of stolen user sessions leverage Amazon domains
  • 15% of ransomware attacks are attributed to the threat groups Play and LockBit
  • 62% of ransomware attacks struck US targets

Additional in-depth information on these topics is included in the report.

A few salient points noted in the report bring into focus the need for retailers to ensure their security is ready. The average cost of a retail-sector data breach is $3.5 million, but the potential reputational damage to organizations that count on repeat business from brand-loyal customers is potentially catastrophic.

Staples, Ace Hardware, and Home Depot were all hit with attacks within the last 12 months. The severity of these attacks was telling, with data on 10,000 Home Depot employees being exposed, Staples and Ace Hardware each having customer PII stolen and systems knocked offline. The report is accompanied by two focused pieces of research.

The deep dive into e-commerce threats examines the risks e-commerce platforms encounter and provides mitigation guidance, empowering organizations to keep e-commerce environments and customer data safe. The report covers some common methods threat actors use to gain access, such as buying log stealer results, using web shells, and credential stuffing, along with the different vulnerabilities attackers favor for exploitation.

The Fraud Targeting Retailers report looks at how threat actors attempt to convince consumers and employees to voluntarily turn over valuable personally identifiable information (PII) through a massive number of scams that can be almost impossible for the average person to discern as fraud. This information can then be used to further defraud or attack retailers.

Understanding Retail-Specific Threats

As noted in earlier Trustwave SpiderLabs' research reports, seasonality, third-party partners, the franchise model, and protecting brick-and-mortar stores and facilities play a large role in the cybersecurity problems facing any organization, but are particularly a concern for retailers.

During high-volume shopping periods, retailers are inundated with orders, transactions, and consumer requests, which strain their security resources, thus opening holes that aggressors can manipulate to their advantage.

The report details the threat posed by potentially unsecure third-party partners and how retailers face attacks from two flanks by having to protect their cyber and physical environments.

Finally, franchisees often operate semi-autonomously, which can lead to inconsistencies in security practices across different locations, again multiplying the security problem.

Defining Attack Techniques

Knowing and preparing for an attack is only half the battle retailers face. The latter portion is understanding a threat actor's plan of attack, how they will gain entry and then move once inside, which is critical to halting an incident.

In the report, Trustwave SpiderLabs explains the initial access techniques, execution methodologies, how critical credentials are accessed, lateral movement, and how persistence is maintained. Understanding these steps is key for a security team as each can be defended, giving an organization multiple opportunities to mitigate an attack.

Upcoming Webinars

Trustwave will run three supporting webinars offering a first-hand explanation of all the retail reports by the researchers themselves and an opportunity to ask questions:

  • Risk Radar: A 360-Degree View of Threats in Retail
  • A Deep Dive into Threats and Strategies for Protecting E-Commerce Data
  • Fraud Targeting Retailers: A Growing Threat

You can register here for all three webinars.

Download the Report

We encourage you to download the 2024 Trustwave Risk Radar Report: Retail Sector along with the deep dives Rise of E-Commerce Threats and Fraud Targeting Retailers. Each resource highlights the escalating cyber threats facing the retail sector, particularly during high-volume shopping periods, like Black Friday and Cyber Monday. With ransomware and phishing attacks becoming increasingly sophisticated, retailers must be vigilant and proactive in their cybersecurity measures. highlight the escalating cyber threats facing the retail sector, particularly during high-volume shopping periods. With ransomware and phishing attacks becoming increasingly sophisticated, retailers must be vigilant and proactive in their cybersecurity measures.

Share:
Copy LinkLink Copied
X

Stay Informed

Sign up to receive the latest security news and trends straight to your inbox from Trustwave.

Stay Informed:

Subscribe

Stay Informed

Sign up to receive the latest security news and trends straight to your inbox from Trustwave.

ABOUT TRUSTWAVE

Trustwave is a globally recognized cybersecurity leader that reduces cyber risk and fortifies organizations against disruptive and damaging cyber threats. Our comprehensive offensive and defensive cybersecurity portfolio detects what others cannot, responds with greater speed and effectiveness, optimizes client investment, and improves security resilience. Learn more about us.