From the back office to the till: Cybersecurity challenges facing global retailers

Created: 2022-02-14 06:45:50

It’s hardly surprising that the retail sector is one of the most frequently targeted globally, with retail sales in the US alone projected to top $5.2 trillion in 2022. Consumers’ money and data have for years been a big potential prize for cybercriminals to get their hands on, and the surge in digital investment and online shoppers prompted by the pandemic has only made retail a more attractive prospect for would-be hackers. Malicious insiders, negligent staff and misconfigured or vulnerable software across networks, endpoints and point of sale (POS) devices have all widened the corporate attack surface over the years.

In this context, cybersecurity plays a critical role in protecting customers’ personal and financial data, keeping ransomware at bay and preserving brand reputation. Ultimately it is a means of seizing opportunity – the opportunity to drive closer customer engagement and grow business.

As a new report from ESET makes abundantly clear, the pandemic has already had an outsize impact on the sector. How well retailers can manage the surge in online threats may define their long-term success in a post-pandemic world.

ESET industry report on retail: Evolving threats to data and payments

What’s at stake?
COVID-19 has helped to transform retail organizations from the back office to the POS terminal. It’s also exposed them to new cyber-risks. Mass remote working made tools like Microsoft Exchange and Kaseya more popular for communication and IT management. They were duly exploited en masse for data theft and extortion.

More broadly, retailers are exposed at multiple points in their IT infrastructure, including customer databases, POS terminals, marketing automation, web search optimization tools, and payment processing platforms and services. We’ve seen everything from phishing to ransomware, man-in-the-middle attacks to SIM swapping and spoofed mobile apps. In fact, the tactics, techniques and procedures (TTPs) used more broadly in COVID-themed attacks are all present in targeted campaigns against retail customers and businesses.

From POS to e-commerce
POS was traditionally the number one target for data-hungry attackers – most notably in the high-profile breaches of tens of millions of accounts at Target and Home Depot several years back. There’s still a threat here today, as we saw with the discovery of the ModPipe POS malware and the impact of the Kaseya supply chain attacks on some retailers’ POS systems. However, the widespread adoption of EMV cards – which can’t be cloned as easily using stolen POS data – and new systems like Apple Pay are starting to force more malicious activity online.

That general trend was given a huge push with the advent of COVID-19, with online as a percentage of total retail sales increasing from 16% to 19% in 2020. Here’s a snapshot of some typical e-commerce threats today:

  • Magecart-style digital card skimming malware has become a major risk to online retailers. One gang compromised over 2,800 digital stores in just a few days. Another skimming campaign resulted in a £20 million fine for British Airways.
  • More sophisticated card-stealing malware has even been found lurking in CSS files, social media sharing icons, and favicon metadata in a bid to outwit security tools.
  • IIStealer malware, discovered by ESET researchers, is a particularly sophisticated way to steal customer credit cards. It compromises web servers, waiting for users to check out and pay for items. After saving the related credit card information without impacting the user experience, the malware exfiltrates the data to the attackers, hiding it in legitimate website traffic. In this instance, even the HTTPS padlock is no protection for users, as IIStealer waits for requests to be decrypted on the server side before logging information from them.
  • E-commerce plugin malware, such as a 2020 campaign that exploited security bugs in the WordPress plugin WooCommerce to gain access to the website’s database.
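A defender-side integrity check that reflects the hiding places listed above, added here as an example and not taken from the ESET report: it audits a constructed checkout page and the assets it references for third-party scripts, script-like tokens inside a stylesheet, active content inside an SVG icon, and icon files whose bytes are not an image. All hostnames, file names and asset bodies are constructed.

```python
import re
from urllib.parse import urlparse

# Constructed sample: a checkout page and the assets it references (no real traffic).
FIRST_PARTY = "shop.example"
PAGE = b"""<html><head>
<link rel="icon" href="https://shop.example/favicon.ico">
<link rel="stylesheet" href="https://shop.example/css/site.css">
<script src="https://shop.example/js/checkout.js"></script>
<script src="https://cdn-static-assets.invalid/analytics.js"></script>
</head><body>
<img src="https://shop.example/icons/share.svg">
</body></html>"""

ASSETS = {  # constructed bodies; the "suspicious" ones carry only harmless marker strings
    "https://shop.example/favicon.ico": b"\x00\x00\x01\x00" + b"\x00" * 16,   # genuine ICO header
    "https://shop.example/css/site.css": b'body{margin:0}\n.x{background:url("javascript:void(0)")}',
    "https://shop.example/js/checkout.js": b"function pay(){}",
    "https://cdn-static-assets.invalid/analytics.js": b"/* third party */",
    "https://shop.example/icons/share.svg": b'<svg xmlns="http://www.w3.org/2000/svg">'
                                            b"<script>/* constructed marker */</script></svg>",
}

IMAGE_MAGIC = (b"\x00\x00\x01\x00", b"\x89PNG", b"GIF8", b"\xff\xd8")      # ICO, PNG, GIF, JPEG
JS_IN_CSS = re.compile(rb"javascript:|expression\(|data:text/javascript", re.I)
SVG_ACTIVE = re.compile(rb"<script|\son[a-z]+\s*=", re.I)                 # <script> or on*= handlers
URL_RE = re.compile(rb'<(script|link|img)\b[^>]*?(?:src|href)="([^"]+)"', re.I)

def audit_page(page, assets, first_party):
    """Return (finding, url) pairs for assets that should not carry executable content."""
    findings = []
    for tag, raw_url in URL_RE.findall(page):
        url = raw_url.decode()
        parsed = urlparse(url)
        host, path = parsed.hostname or "", parsed.path.lower()
        body = assets.get(url, b"")
        if tag.lower() == b"script" and host != first_party:
            findings.append(("third-party-script", url))        # review against an allowlist
        if path.endswith(".css") and JS_IN_CSS.search(body):
            findings.append(("script-tokens-in-css", url))
        if path.endswith(".svg") and SVG_ACTIVE.search(body):
            findings.append(("active-content-in-svg", url))
        if path.endswith((".ico", ".png", ".gif", ".jpg")) and not body.startswith(IMAGE_MAGIC):
            findings.append(("non-image-icon", url))
    return findings

if __name__ == "__main__":
    for kind, url in audit_page(PAGE, ASSETS, FIRST_PARTY):
        print(f"{kind}: {url}")
```

Run it against a snapshot of a real checkout page and its fetched assets to catch unexpected changes between deployments; a finding is a cue to inspect the asset, not proof of compromise.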

Protecting e-commerce servers
For retailers, these risks are heightened by the presence of rigorous data protection regulations like the GDPR and California’s CCPA, alongside the industry data security standard PCI DSS. Non-compliance could result in major fines and reputational damage, leading to customer churn – a serious risk in an industry where loyalty is hard won but easily lost.

There are no silver bullets for solving these challenges. And best-practice cybersecurity should have multiple layers to it, from the end user to the endpoint. But at a high level, retail IT security teams can help to mitigate some of these risks by better securing their back-end e-commerce servers. Consider the following:

  • Use dedicated accounts with strong, unique passwords for admins
  • Require multifactor authentication (MFA) on all administrative and other privileged accounts for extra protection
  • Regularly update the server’s operating system and applications, and carefully consider which services are exposed to the internet to reduce the risk of exploitation
  • Protect customer data at rest with encryption, which will render it useless to thieves
  • Consider using a web application firewall, as well as a reputable security solution on your server
  • Deploy robust, multi-layered endpoint defenses to prevent, detect, and respond to threats

Retailer IT environments span everything from back-end logistics and CRM to the front-end e-commerce store and POS terminals in brick-and-mortar stores. That’s a large target for the bad guys to aim at. As online business continues to grow and digitally transform, the key to competitive advantage will increasingly be defined by how well risk-based cybersecurity strategies stack up.

About ESET
ESET develops software solutions that deliver instant, comprehensive protection against evolving computer security threats. ESET pioneered and continues to lead the industry in proactive threat detection. ESET NOD32 Antivirus, its flagship product, consistently achieves the highest accolades in all types of comparative testing and is the foundational product that builds out the ESET product line to include ESET Smart Security. ESET Smart Security is an integrated antivirus, antispyware, antispam and personal firewall solution that combines accuracy, speed and an extremely small system footprint to create the most effective security solution in the industry. Both products have an extremely efficient code base that eliminates the unnecessarily large size found in some solutions. This means faster scanning that doesn’t slow down computers or networks. Sold in more than 160 countries, ESET has worldwide production headquarters in Bratislava, SK and worldwide distribution headquarters in San Diego, U.S. ESET also has offices in Bristol, U.K.; Buenos Aires, AR; Prague, CZ; and is globally represented by an extensive partner network. For more information, visit our local office at https://eset.version-2.sg.

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The Company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which includes Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities. For more information, please visit https://www.version-2.com.sg/ or call (65) 6296-4268.
