Top Cyber Threats Faced by Retailers and the Way to Fight Back

Cyber Threats

If you think that cybercriminals target only big corporations, think again. The retail sector, of late, has emerged as one of the biggest targets for hackers. The reasons are easy to guess. These include retailers handling a large cache of money, storing scores of customer credit card numbers, and, to make matters worse, having frontline staff with poor or sometimes non-existent cybersecurity training. And if these are not enough, there are retailers who use legacy systems that have not been secured or updated to address the threats from cybercriminals.

As per the 2022 data breach report from Verizon, the retail sector witnessed 629 incidents in 2022, out of which 241 were confirmed data breaches. According to Ravin Prasad, CEO of Cybernetic Global Intelligence, a global accredited cybersecurity organisation, such attacks have increased in numbers and led to wide-ranging consequences, namely, loss of consumer trust, financial loss, legal suits, and others. The top cyber threats faced by retailers and how can they address them are mentioned below:

Top Cybersecurity Threats Faced by Retailers

Retailers face a raft of cybersecurity threats, as mentioned below, often leading to dire consequences.

#1. Ransomware: Ransomware tops the list of attack vectors targeting retailers. In 2022, companies like Ikea, McDonald’s, and Sobey’s became victims of ransomware. Christian Beckner, the US National Retail Federation’s Vice President for Retail Technology and Cybersecurity, states that ransomware is a major ongoing risk to retailers and its impact is not surprising.
In 2022, the retail sector experienced ransomware attacks, and more than half of these attacks resulted in attackers encrypting files. As per Ravin Prasad, CEO of Cybernetic Global Intelligence, ransomware attacks pose serious cybersecurity risks for retailers. In some cases, companies are even forced to shut down their operations or points of sale (PoS) for investigation. Besides, ransomware attacks pose reputational risks as well, given that data leakages can occur. Also, companies in the retail sector store and process credit card data, which can be exposed during ransomware attacks.

#2. Bots and Impersonators: Retailers must be vigilant against bot attacks on e-commerce sites. These automated scripts emulate human behaviour, making them challenging to detect. Advanced bots can conceal their location and facilitate account takeovers, which enable hackers to make unauthorised purchases using customer account data, gift cards, vouchers, and saved credit card details.

Bots can also use malware to steal login credentials, take over browsers to execute actions in a customer’s name, or use brute-force tactics to guess passwords. Account takeover attempts account for almost one in four login attempts on e-commerce websites, compared to one in ten attempts for other industries. Over 90% of these attacks use credentials leaked from other data breaches, a technique known as credential stuffing.

Moreover, brand impersonation is another tactic used by cybercriminals to deceive consumers and steal sensitive information. These impersonators create fake versions of legitimate brand websites, email addresses, or social media accounts to obtain login credentials, financial information, or personal data.

#3. PoS Malware: This type of attack vector captures details of customers’ credit cards at checkout counters with PoS terminals. For instance, Prilex, a PoS malware, became smarter and easier for hackers. It was sold as malware-as-a-service in 2022 and has since morphed into several variants, blocking scores of near-field communication (NFC) transactions.

#4. Lack of cybersecurity training: The workforce running the retail industry is often highly stressed, lowly paid, and poorly trained. Further, they work for companies that make little or no effort to provide any kind of cybersecurity training. Thus, insider threats are very high in retail, with lots of part-time workers working around the clock in shifts. Since compensation is relatively low, the risk of financially motivated insiders attacking the system is high. Add to that the number of disgruntled workers who can attack the system using inside knowledge.

#5. Attacks on third-parties in the supply chain: The retail sector is dependent on third-party suppliers providing a wide range of goods. So, cybercriminals targeting these suppliers can impact retailers relying on them. The supply chain offers many points of ingress through which attackers can gain access to the system, cause data breaches, and the theft of credit card details. For instance, in 2022, a third-party service, SolarWinds, was breached, affecting thousands of users.

How Can Retailers Fight Back?

Retailers, instead of taking the whole attack vectors head-on, should focus on dealing with the most dangerous ones first. According to Ravin Prasad, CEO of Cybernetic Global Intelligence, it is all about risk mitigation and not risk elimination. When it comes to ransomware, retailers need to back up all their critical data systems and customer information. As cybercriminals search for new ways to attack retail companies, the latter need to think differently about strengthening their defences to address issues like fraud and organised retail crime, instead of showing a reactive defence. They must conduct regular cybersecurity assessments to identify and fix vulnerabilities and improve their cybersecurity posture by implementing standards such as ISO 27001.


It is a never-ending conflict between hackers and retailers, and for the latter, it is always going to be a war of attrition. Retail organisations should work on aspects such as achieving continuous assurance and improving the capability for robust detection and response. In doing so, they need to hire the services of top cybersecurity services, such as Cybernetic Global Intelligence, by dialling 1300 292 376 or sending an email to

Post a Comment