TECH INTELLIGENCE: Locking the digital door

As retail operations move online, theft also takes an omnichannel approach

Carl Mazzanti//February 12, 2024//

Businessman on blurred background protecting his data personal information 3D rendering

PHOTO: DEPOSIT PHOTOS

Businessman on blurred background protecting his data personal information 3D rendering

PHOTO: DEPOSIT PHOTOS

TECH INTELLIGENCE: Locking the digital door

As retail operations move online, theft also takes an omnichannel approach

Carl Mazzanti//February 12, 2024//

Listen to this article

In a recent column, I addressed ways that retailers can boost traffic to their sites with artificial intelligence. But more shopping activity also attracts an unsavory group, cyber hackers, who try to steal valuable customer data. So, I’d like to focus on some best practices to guard against retail threats.

First, consider that the effects of a successful cyber breach of a retailer go far beyond the targeted merchant — instead, the bad actors are further victimizing numerous customers that have entrusted the retailer with their credit card and other sensitive data. For example, 80,000-plus individuals were reportedly at risk when Walmart Inc. was recently hacked; and information on some 10 million individuals was exposed following a digital attack on UK fashion retailer JD Sports.

The rise of omnichannel retailing widens the attack surface and means more risk, since threat actors can now hunt for vulnerabilities in websites, “smart” devices and point-of-sale systems. They also exploit supply chain weaknesses to gain access to high-value targets, and use social engineering techniques, like phishing, to deceive poorly trained employees into revealing sensitive information or installing ransomware and other malware. According to some published reports, ransomware attacks rose at a record-breaking pace in 2023, nearly doubling on a year-over-year basis. Fortunately, cybersecurity solutions can provide a powerful defense.

Start at the end

To prevent ransomware attacks and minimize the damage they may cause, retailers need to strengthen “endpoint protection” by securing digital networks that are integrated with remote devices such as desktops, laptops, smartphones and tablets as well as with company email. Retailers can also use geo-blocking to help prevent foreign hackers from accessing business systems.

Other defensive measures include multifactor authentication – multi-step account-login processes that require users to enter more information than just a password – along with strong password policies. Additionally, timely “patch” management ensures software and other updates are downloaded and applied as they are issued.

Forward-looking retailers will also provide security awareness training for their employees to educate them about “phishing” and other social engineering techniques that threat actors frequently use to trick individuals into revealing passwords and other sensitive information, or to transfer funds improperly to unauthorized third parties. Such training may also be supplemented with automated defenses like DMARC for email validation, which helps businesses to authenticate emails.

Retailers can also take proactive steps to reduce hackers’ opportunity to engage in “data skimming” – installing malicious code on websites and apps or attaching physical devices to card readers in brick-and-mortar locations – which is used to steal credit card information from customers who are making online or in-store purchases. Data-skimming defenses include firewalls that control traffic between the point-of-sale network and external networks, periodic inspections of card readers to deter tampering, and encrypting sensitive data while it is in transit and at rest.

Retail organizations may also be threatened by “supply chain” attacks, where hackers gain access to a company’s sensitive files through a third-party partner, like the infamous Target Inc. attack. In that instance, hackers reportedly stole credentials from a refrigeration, heating and air conditioning subcontractor that worked at multiple Target locations, exposing some 40 million debit and credit card accounts. More recently, information on almost 2 million employees and customers of Dollar Tree Inc. was exposed when bad actors penetrated the defenses of a human resources software vendor that worked with the retailer.

To help guard against supply chain attacks, companies can use zero trust architecture, which requires identity verification every time a user, device, or application attempts to access a system. Supplementing that with “privileged access management” – which monitors, detects and prevents unauthorized privileged access to critical resources while generating a record of activity – will provide visibility into a hacker’s actions while helping to thwart unauthorized entry attempts.

Carl Mazzanti
Mazzanti

Retail businesses will always be tempting targets for threat actors. But organizations that deploy cybersecurity solutions specifically designed for the retail sector can ensure greater protection for their operations and for their customers.

Carl Mazzanti is president of eMazzanti Technologies in Hoboken, providing IT consulting services for businesses ranging from home offices to multinational
corporations.