December 16, 2022 By Ronda Swaney 4 min read

It’s the most wonderful time of the year for retailers and wholesalers since the holidays help boost year-end profits. The National Retail Federation (NRF) predicts 2022 holiday sales will come in 6% to 8% higher than in 2021. But rising profits that come at the cost of reduced cybersecurity can cost companies in the long run when you consider the rising size and costs of data breaches.

The risk of data breaches and other cyber crimes can make this shopping season feel pretty perilous. It makes sense to learn about the types of cyberattacks aimed at this sector, particularly at this time of year, and what retailers and wholesalers can do to protect themselves.

’Tis the season for cyber crime

Consumers started holiday shopping enthusiastically this year and have spent at record levels, despite inflation concerns. Adobe Analytics forecasts consumers will spend $209.7 billion online between Nov. 1 and Dec. 31. Hackers stand ready to steal their slice of the loot. Check Point Research found a sharp increase in fake shopping sites ahead of Black Friday sales. They also found that 17% of malicious files distributed by email in November were related to orders, deliveries and shipping, and that since the start of November, 4% of all new shopping-related websites were malicious. Fake websites and phishing scams were the prime means of duping consumers.

Wholesalers and retailers rank as threat targets

Retail and wholesale ranked as the fifth-most targeted industry in the X-Force Threat Intelligence Index 2022. The sector accounted for 7.3% of all attacks in 2021. Among those attacks, 35% were aimed at retail and 65% at wholesale. This split reveals the increased interest of threat actors in wholesale operations, perhaps due to their critical role in supply chains and the transport of goods from manufacturers to third-party resellers and even direct to consumers. The report notes that phishing was the top infection vector for the sector, with stolen credentials coming in second and vulnerability exploitation coming in third.

Below are tips for retailers and wholesalers to avoid becoming a cyber crime victim during the holiday season and all year long. Following this advice can help make your enterprise a safer shopping and selling environment.

1. Educate users and consumers

Cyber criminals never stop learning and refining ways to attack. You need to take the same approach by committing to continuous education to ensure your users and consumers stay informed about how attacks evolve. This can include annual or bi-annual training sessions for internal teams, which include real-world examples of social engineering, phishing, vishing and spoofing attacks. You may want to incorporate regular testing and assessment to ensure the training has been successful. You may also find an education campaign helpful for your consumers. Ensure they know where they can find accurate information about sales and deals. Also, help them learn signs for knowing which websites are legitimate and which are suspect.

2. Use a multilayer approach to fight phishing

There’s no one-size-fits-all approach to stopping phishing attacks. These attacks are simple to execute, and hackers work constantly to improve their approaches, making fake emails harder to detect. A multilayer approach erects several defenses so that these attacks are more difficult to carry out.

  • Educate users on what to watch for. This education should include real-world examples.
  • Email software security tools can help filter out malicious messages.
  • Eventually, a phishing email will slip through. Use defenses that quickly catch malware and unusual lateral movements through your network, such as behavior-based anti-malware detection.

3. Apply a zero trust model

A zero trust framework assumes your network is always at risk from both internal and external attacks. When that belief is your starting point, it clarifies the policies and strategies used to counter threats. These tips can get you started:

  • Identify your most valuable assets. The point of zero trust is to protect what’s most valuable for your company. For retailers and wholesalers, that’s likely consumer PII.
  • Define roles and limit access. Your data and resources should be inaccessible by default. Follow the rule of least-privilege access so that only certain roles under specific circumstances can access information.
  • Verify every connection. Default to authenticating and authorizing every connection, internal or external.
  • Wall off your networks. The ability to move laterally from one network server to another is a prime culprit in data breaches. Walling off networks and preventing that lateral movement can help contain the damage if and when a breach occurs.
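
The four tips above can be read as one access decision made for every connection. The sketch below is an added example, not code from the article or from any IBM product; the roles, resource name, segment names and policy table are constructed for illustration.

```python
from dataclasses import dataclass

# Constructed policy for illustration. Keys are (role, resource); any pair that
# is not listed is denied, so resources are inaccessible by default.
POLICY = {
    ("support_agent", "customer_pii"): {
        "actions": {"read"}, "segments": {"crm"}, "require_mfa": True},
    ("billing_service", "customer_pii"): {
        "actions": {"read", "update"}, "segments": {"payments"}, "require_mfa": False},
}

@dataclass(frozen=True)
class Request:
    role: str
    resource: str
    action: str
    segment: str          # network segment the connection originates from
    authenticated: bool   # identity verified for this connection
    mfa_passed: bool = False

def decide(req):
    """Evaluate one connection; every check must pass, otherwise deny."""
    if not req.authenticated:
        return False, "unauthenticated"
    rule = POLICY.get((req.role, req.resource))
    if rule is None:
        return False, "no matching rule (default deny)"
    if req.action not in rule["actions"]:
        return False, "action not granted to role"
    if req.segment not in rule["segments"]:
        return False, "request from outside permitted segment"
    if rule["require_mfa"] and not req.mfa_passed:
        return False, "MFA required"
    return True, "allowed"

# Constructed sample requests; internal and external connections are treated alike.
SAMPLES = [
    Request("support_agent", "customer_pii", "read", "crm", True, True),
    Request("support_agent", "customer_pii", "update", "crm", True, True),
    Request("support_agent", "customer_pii", "read", "store_wifi", True, True),
    Request("warehouse_clerk", "customer_pii", "read", "crm", True, True),
    Request("billing_service", "customer_pii", "update", "payments", False),
]

if __name__ == "__main__":
    for r in SAMPLES:
        print(r.role, r.action, r.segment, "->", decide(r))
```

Only the first sample is allowed; each of the others fails a different check, which is the reason to log the denial reason alongside the decision.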

4. Take vulnerability management seriously

Software vulnerabilities provide fertile ground for security breaches. Applying timely patches and updates helps close some of these vulnerabilities, but they evolve so quickly that it can feel like a losing battle. These tips help refine your vulnerability management response:

  • Set up a team dedicated to vulnerability management.
  • Sign up for alerts from national agencies, like the Cybersecurity and Infrastructure Security Agency (CISA). These alerts describe the threat and offer resources and advice to mitigate damage.
  • You can also turn to sources like IBM’s X-Force Exchange, a repository of vulnerabilities and criticality levels to identify the most concerning vulnerabilities, and to X-Force Red, a specialized vulnerability scanning and management service.

5. Automate security to ease the workload of your security and IT teams

Speed matters when addressing security threats. Using automation to identify and respond to threats can help slow or even stop attacks before they escalate. Automation can outsource to machines the tasks that would take human teams much longer to accomplish. This type of outsourcing also helps relieve some of the pressure that your security and IT teams feel when threats arise.

To outsource these tasks, you can look to automation tools. For example, the IBM Security QRadar SOAR platform provides a central hub to make incident response more efficient. It also correlates security alerts to intelligence feeds to unearth malicious indicators and malware incidents. The tool also offers playbooks that help guide your team on the steps to follow during incident response.

The holiday season should be a wonderful time of year for retail and wholesale businesses. Strengthening your cybersecurity defenses helps ensure the holidays remain happy and profitable and reduces the chance of putting your users or consumers at risk.
