In the post COVID-19 world, a huge shift has taken place — individuals and businesses are increasingly relying on digital solutions to carry out day to day tasks. Ecommerce saw a significant upsurge in May 2020, increasing by 168%, representing 27.5% of total retail sales.
The projection is that by 2024, it will grow to represent a third (32%) of all retail sales. With this dramatic shift, personal data and privacy issues are taking center stage. One study by Vacancysoft and Richard Walters warned that UK SMEs are at risk of 65,000 security attacks daily, adding that 4,500 are successful. What is even more concerning is that each data breach costs approximately £2.48 million.
How retailers are being attacked
Cybercriminals are taking advantage of the COVID-19 crisis to unleash more aggressive cyber-attack campaigns. These attacks on retail companies vary from small disruptions to more large scale and sophisticated incidents. Some of the schemes include:
- Phishing email scams – Cybercriminals pose as reputable organisations and trick victims into clicking the malicious links or downloading infected attachments on emails. The attackers often masquerade as a bank or a company the victim does business with.
- Ransomware attacks – A successful ransomware attack encrypts a company’s information and cripples its core business operation systems. The attacker then demands a fee to be paid for the system to work again This is a potential financial and reputational crisis for retailers.
- DDoS extortion campaigns – Extortionists target e-commerce industries with threats of distributed denial of service (DDoS) attacks if a ransom is not paid.
5 ways retailers can strengthen their cybersecurity
- Use a VPN – VPNs encrypt users’ data so that they can remain protected and anonymous while online. It is instrumental in reducing data breaches and other cyber-attacks.
- Train employees – As the most valued asset and gatekeepers to a company’s cybersecurity, employees must be adequately trained on best practices such as being vigilant when opening emails, and using strong passwords when working remotely.
- Two-factor authentication – 2FA is an added layer of security designed to block unauthorized access into an account or device.
- Backup data and update software – An extra copy of a company’s sensitive data should be stored on a secured platform to protect against ransomware attacks. Retailers should also ensure that all software for devices and networks are updated regularly to remove vulnerabilities.
- Monitor breaches – A robust monitoring system should be in place to detect data breaches and alert security personnel immediately to avoid a crisis.