The success of retailers depends on being able to offer consumers what they want. That means, for example, stocking Halloween costumes in October, turkeys in November, and Christmas decorations in December. Cybercriminals are all too aware of this fact and more than willing to capitalize on it, typically for financial gain or to cause disruption.
The holiday season is the busiest time of year for retailers and contributes a significant portion of their revenue—research published in Forbes even revealed that, for SMEs, the holiday season accounts for at least 25% of yearly revenue. As such, service disruptions during this period can be devastating.
Stop and Shop, a major grocery store chain, recently suffered inventory issues leading up to Thanksgiving due to a cyberattack on its systems. While, according to reports, Stop and Shop did manage to stock the all-important turkeys and hams before Thanksgiving, the attack underscores the massive impact cyberattacks can have on retail companies' bottom lines.
How Attackers Disrupt Retail Operations
Let's explore how cybercriminals attack retailers and disrupt store operations.
Ransomware Attacks
In some cases, attackers will specifically target an organization to disrupt its operations, especially during high-volume business periods like Black Friday or Thanksgiving. Ransomware, which involves threat actors encrypting critical systems or data to make it inaccessible until a ransom is paid, is perhaps the most obvious attack method during this period.
Ransomware attacks on retailers are particularly effective during busy periods because victims are often more likely to pay the ransom. If the cost of paying a ransom is less than that of disruptions, it's easy to see why organizations would be willing to give in to attackers' demands.
We should note here that paying a ransom is rarely the best course of action. Attackers aren't exactly known for keeping their word, and there's no guarantee they'll decrypt data after receiving payment. Moreover, by sending money to a cybercriminal group, you fund future malicious operations or criminal activities and directly contribute to future attacks.
And if you're the victim of a double extortion ransomware attack where there's an additional threat and the attackers stole sensitive data before encrypting it, you may be susceptible to a second ransom demand to prevent them from releasing the data.
Distributed Denial of Service (DDoS) Attacks
DDoS attacks on retailers typically involve overwhelming critical systems with an immense volume of fake traffic or malicious requests. These attacks are designed to exhaust the system's resources, causing slowdowns or even complete outages.
By disrupting inventory management systems, attackers can cause missed inventory updates, delayed shipments, stockouts and overstocks, and, ultimately, customer dissatisfaction.
Nearly all retailers rely on their websites and online payment systems for sales. A DDoS attack can overwhelm these systems and make them unavailable to customers resulting in lost online sales, especially during critical periods such as the holiday shopping season.
All these situations can significantly impact retailer revenue and profits.
Supply Chain Attacks
In many cases, disruptions to retail inventory is just one consequence of an attack on a company in a retailer's supply chain. This type of attack has been in the news recently - an attack on US supply chain management company Blue Yonder recently caused significant disruption at two major UK grocery store chains.
Retailers rely on real-time data to manage supply chains, inventory, and logistics. An attack on their suppliers can result in inaccurate inventory, shipment delays and out-of-stock in physical stores.
How Retailers Can Defend Against Disruption to Retail Operations
Retailers can prevent the vast majority of attacks that could disrupt inventory by implementing cybersecurity measures and evaluating existing efforts. This includes:
- Regular Software Updates: Implementing a patch management plan for inventory management systems can significantly reduce the risk of a successful attack.
- Employee Security Awareness Training: Human error is the most common cause of a successful attack. Training employees to identify and report phishing emails, use MFA, and use strong passwords, for example, will go a long way toward protecting your inventory from disruption.
- Data Backups and Recovery Plans: Creating backups for critical inventory data will ensure you can continue operating in the event of a breach.
- Email and Digital Risk Protection: Leverage tools like Digital Risk Protection(DRP) and Email Security & Anti-Phishing to protect your brand and defend against sophisticated Business Email Compromise attacks.
- Cybersecurity Tools: Purchasing tools like File Integrity Monitoring (FIM), Security Configuration Management (SCM), Vulnerability Management (VM), and Web Application Firewalls (WAFs) will help close security gaps, detect potential attacks, and mitigate DDoS risks.
Mitigating Supply Chain Risks
However, as noted, many retail operations disruptions stem from attacks on their suppliers, not the retail company itself. As such, managing supply chain risk is fundamental to protecting retail operations and inventories.
Retailers must assess the risks associated with each of their suppliers, evaluating the effectiveness of their security measures, compensating controls, and processes for monitoring risk scenarios.
This evaluation process often involves detailed questionnaires, ranging from a few dozen to over a hundred questions. While completing these assessments can be time-consuming, their purpose is to assess the level of risk involved in engaging a particular provider and decide whether that risk is acceptable. Encouraging suppliers to improve their security measures is extremely important.
But don't stop there. Take the time to regularly monitor and assess your suppliers and third parties to ensure ongoing compliance with your security requirements.
Looking Ahead
The key takeaway here is that cybersecurity is immensely important for retailers. Disruptions to suppliers or inventory systems can have a huge impact on their operations, customer trust, and financial well-being. Implementing basic cybersecurity measures—and ensuring the cybersecurity of suppliers—can make a world of difference when cyber criminals target retailers.
Contact us today to find out how Fortra's suite of security solutions can help your retail company ward off threats, secure your suppliers, and continue business operations for years to come.
