Home Six COVID-19 Cyber Security Insights for Retailers

Six COVID-19 Cyber Security Insights for Retailers

PREVIEW:

Today’s outlook for retailers is a mixed bag. Consumers may be finding deals from distressed retailers. However, the shutdown has been a brutal reality for many segments within the retail industry. Although COVID-19 vaccines are on the horizon to offer hope, retailers still face major challenges. The reliance on digital technology has increased due to the coronavirus pandemic. Analysts expect this trend to persist even after the pandemic subsides. Here are some guideposts for securing your retail business during this volatile time of transition.

A report on the first half of 2020 states there were 4.83 million cyberattacks, a 15% increase over the prior year. 1 Fewer retailers means less competition and more cyber risk. If you’re a retail organization and you’ve survived to this point, then things are looking good for your market share with fewer competitors to contend with.2 However, this also means there are fewer retailers for cybercriminals to attack. A report on the first half of 2020 states there were 4.83 million cyberattacks, a 15% increase over the prior year.3 For example, an APT group called FIN11 attacks point-of-sale (POS) in retailers, restaurants, and other industry sectors. Recent attacks by FIN11 have stolen data and extorted ransomware payments from retailers using CLOP ransomware attacks.4

SIX COVID-19 CYBER SECURITY INSIGHTS FOR RETAILERS

Under these conditions, it is vital for retailers to prevent malware from entering their IT environments. Sandboxes that allow traffic to pass into your environment while spending up to 5 minutes to identify threats already in the network is no longer acceptable for threat prevention. Your solution for advanced threat prevention must stop today’s multi-vector threats outside your environment including your data centers, cloud deployments, SaaS, and endpoint and mobile devices. As a further backstop, it’s prudent to have purpose-built ransomware protection that blocks bot behavior within networks and backs up files for rapid restoration.

The pandemic has accelerated existing trends in the economy towards the increased use of technology, remote work, and automation.5 COVID-19-caused shifts to more digital likely permanent Walmart’s latest quarterly report stated that the discount retailer’s online sales grew by 79 percent as customers eschew in-store visits for online transactions.6 According to U.S. Federal Reserve Chairman Jerome Powell, the economy we knew is probably a thing of the past. The pandemic has accelerated existing trends in the economy towards the increased use of technology, remote work, and automation.7

In support of Powell’s assertion, Apptopia reported the average daily downloads for popular digital grocery apps Instacart, Walmart Grocery, and Shipt have surged since February.8 Yet with all this progress, one must remember that software developers can’t be rushed to bring new products to market without adequate security testing. The new software that powers online transactions, curbside services, touchless checkout, contactless-delivery services, and other COVID-19 related technologies likely contain flaws that grow retailers’ threat surfaces. Application security as well as preventative malware protection and DLP controls are increasingly needed in today’s business climate.

SIX COVID-19 CYBER SECURITY INSIGHTS
FOR RETAILERS

Employees working from home add risk Retailers, like businesses in other sectors, are asking corporate employees to work from home to prevent COVID-19 spread. This introduces security risks from employees’ unprotected home WiFi, routers, and IoT. Retailers must adopt secure VPN communications with remote workers as well as endpoint protections, document security, and protection for SaaS to prevent account takeovers in insecure home offices.

Streaming via social media boosts sales and threats

Whether live streaming sales demonstrations or using on-demand video, retailers are discovering that streaming content on social media is offering a new revenue stream much like per-inquiry advertising does on television. For example, Dong Ming Zhu, chairwoman of Gree Electric, recently sold more than US $43.8 million worth of home appliances in a three-hour live stream event.9 Retailers engaged in streaming should provide security and compliance controls on their Facebook pages, Twitter accounts, LinkedIn pages, and other streaming venues with security measures that utilize social network APIs.10

Download the full text here.

1 Mary K. Pratt, 6 security shortcomings that COVID-19 exposed, CSO Online, Nov 16, 2020.
2 Teresa Rivas, How COVID-19 Changes Are Actually Helping Some Retail Stocks, Oct. 7, 2020.
3 Mary K. Pratt, 6 security shortcomings that COVID-19 exposed, CSO Online, Nov 16, 2020.
4 Ravie Lakshmanan, FIN11 Hackers Spotted Using New Techniques In Ransomware Attacks, The Hacker News, October 14, 2020.

5 Anneken Tappe, The economy as we knew it might be over, Fed Chairman says, CNN Business, November 12, 2020.
6 Melissa Repko, Bertha Coombs, Walmart earnings top expectations as customers’ new shopping habits send e-commerce sales soaring
79%, CNBC, November 17, 2020.
7 Anneken Tappe, The economy as we knew it might be over, Fed Chairman says, CNN Business, November 12, 2020.
8 Adam Blacker, Instacart and grocery delivery apps set consecutive days of record downloads, Apptopia.com, March 2020.