A hand enabling cyber security while doing online shopping

Strengthening the retail shield: key cyber security threats to watch out for

In today’s hyper-connected world, retailers will need to understand critical cyber security threats and proactively take steps to defend against them.


As retailers embrace digitalisation, companies are facing key threats that pose significant risks to retailers' sensitive data and operations. From data breaches to ransomware attacks, understanding these dangers is crucial to fortifying the retail shield and protecting both businesses and customers from costly cyber security incidents.

Retailers today benefit from a more connected world. The advancement of the Internet of Things (IoT) and online platforms has unlocked a wealth of convenience and opportunities for the retail industry.

However, it has also brought forth a multitude of cyber security threats that seek to exploit any vulnerability to compromise sensitive customer data and disrupt operations.

In an IBM report, Asia-Pacific (APAC) ranked first when it came to cyberattacks with retailers in the top five industries targeted by malicious actors. Over half of the victims experienced extortion while 25% fell prey to data breaches that harvested customer credentials and data.

In fact, over half of APAC enterprises are unsure if their cyber security defenses are strong enough. In 2021, the cyber spend of APAC businesses was just 0.05% of their annual revenue. This low budget allocation comes at a time when APAC’s commerce sector saw over 1.1 billion cyber attacks across retailers, hotels and travel-related industries.

While retailers continue to embrace the benefits of digitalisation to reach more customers, it is essential to plug any cyber security vulnerabilities to safeguard business operations and customer information.

Retailers today are expected to provide top-tier service, protect their customers’ while minimising any downtime to capture sales in an industry with increasingly razor-thin margins.

Guarding against data breaches and privacy leaks

Employee analysing data and monitoring activity to actively guard against any data breaches

Customer trust is hard to win but losing it is exceedingly easy especially when it comes to a privacy leak.

As more customers transact through online platforms and pay through their credit cards, retailers wittingly or unwittingly store a treasure trove of sensitive financial data. Data breaches hurt the reputation of the retailers involved and compromise the privacy of customers, but could even snowball into direct financial losses.

Singaporean jewellery chain Goldheart was a victim of a data breach that compromised the details of more than 40,000 customers who signed up online. The stolen database, which included emails and phone numbers, was then shared on hacking forums and the dark web.

In a separate event a month later, luxury retailer Cortina Watch suffered a data breach. The hacker stole 2 GB worth of data and appears to be holding the company ransom to extort financial gain. With an annual revenue of S$716.9 million in 2022, a data breach could cause customers to shop somewhere more secure, potentially impacting their bottom line.

To guard against data breaches and privacy leaks effectively, retailers must adopt a multi-layered approach to cyber security. At T-Systems, we help companies reduce their cyber risks to help safeguard their success. Retailers will be able to mitigate and effectively respond to any data breach attempt and guard against an equally dangerous cyber security threat - a ransomware attack.

Preventing ransomware attacks

Employee analysing data to understand and prevent ransomware threats

In an age of online shopping and digital experiences, a ransomware attack can be crippling to retailers.

In such an event, an attacker locks and encrypts the victim’s data, which could contain customer information and then demands payment to unlock and decrypt the data. A ransomware attack has the capability to effectively show down the operations of a retailer, impacting both their revenues and customer experience.

The Cyber Security Agency of Singapore (CSA) found that 81,500 systems in Singapore were infected in 2022 with over 130 ransomware cases reported that included the retail industry. To effectively guard against ransomware attacks, retailers must invest in robust infrastructure and network security to mitigate and screen out potential points of weakness.

The South Korean retail giant E-Land suffered a ransomware attack. That breach prompted the company to shut down a portion of the organisation’s IT system. This in turn caused a temporary shutdown of 23 out of 50 of its retail stores.

To safeguard against ransomware attacks, retailers must adopt a multi-faceted cybersecurity approach. Regularly backing up critical data and storing it offline is essential to ensure data recovery without resorting to paying the ransom. As retail shopping move towards more integrated experiences, the risks of a cyber security threat happening increase.

Preempting contactless and IoT attacks

Customer making a contactless payment in a retail store

Retailers today move away from cash transactions to contactless options that include NFC-enabled cards and mobile wallets. Combine that with the integration of IoT devices such as smart shelves and inventory management systems, the points of weakness for infiltration are also magnified.

While NFC transactions transmit data within a very close range, making them more secure, there are still points of vulnerability. This includes data interception, relay attacks and data storage vulnerabilities.

Additionally, with the rise of IoT technologies including self-checkouts, retailers need to take steps to protect the data collected. This could include customer information from point-of-sale systems to product movement data from IoT devices across the supply chain.

At T-Systems, we work with retailers to safeguard their critical infrastructure from the top floor to shop floor in an age of IoT. You’ll be able to safeguard your networks and reliably mitigate any cyber security events.

For retailers, cyber security is paramount

From the menace of data breaches to ransomware attacks, retailers today need to proactively guard against cyber security risks. Thankfully, this can be done without the need to hire a team of cyber security experts or big upfront investments in data infrastructure.

With T-Systems, we have a suite of cyber security solutions that allows you to secure your customers’ most sensitive data and ensure maximum uptime for your retail operations.

Get in touch with us to secure your organisation today.

How do we prepare for a digital future?

This is exactly where T-Systems supports as a thought leader with inspiration on innovative topics. Learn how we can shape the next steps into our digital future together.

We look forward to your project!

We are happy to provide you with the right experts and to answer your questions about planning, implementation, and maintenance for your digitalization plans. Get in touch!

Do you visit t-systems.com outside of China? Visit the local website for more information and offers for your country.