As retailers embrace digitalisation, companies are facing key threats that pose significant risks to retailers' sensitive data and operations. From data breaches to ransomware attacks, understanding these dangers is crucial to fortifying the retail shield and protecting both businesses and customers from costly cyber security incidents.
Customer trust is hard to win but losing it is exceedingly easy especially when it comes to a privacy leak.
As more customers transact through online platforms and pay through their credit cards, retailers wittingly or unwittingly store a treasure trove of sensitive financial data. Data breaches hurt the reputation of the retailers involved and compromise the privacy of customers, but could even snowball into direct financial losses.
Singaporean jewellery chain Goldheart was a victim of a data breach that compromised the details of more than 40,000 customers who signed up online. The stolen database, which included emails and phone numbers, was then shared on hacking forums and the dark web.
In a separate event a month later, luxury retailer Cortina Watch suffered a data breach. The hacker stole 2 GB worth of data and appears to be holding the company ransom to extort financial gain. With an annual revenue of S$716.9 million in 2022, a data breach could cause customers to shop somewhere more secure, potentially impacting their bottom line.
To guard against data breaches and privacy leaks effectively, retailers must adopt a multi-layered approach to cyber security. At T-Systems, we help companies reduce their cyber risks to help safeguard their success. Retailers will be able to mitigate and effectively respond to any data breach attempt and guard against an equally dangerous cyber security threat - a ransomware attack.
In an age of online shopping and digital experiences, a ransomware attack can be crippling to retailers.
In such an event, an attacker locks and encrypts the victim’s data, which could contain customer information and then demands payment to unlock and decrypt the data. A ransomware attack has the capability to effectively show down the operations of a retailer, impacting both their revenues and customer experience.
The Cyber Security Agency of Singapore (CSA) found that 81,500 systems in Singapore were infected in 2022 with over 130 ransomware cases reported that included the retail industry. To effectively guard against ransomware attacks, retailers must invest in robust infrastructure and network security to mitigate and screen out potential points of weakness.
The South Korean retail giant E-Land suffered a ransomware attack. That breach prompted the company to shut down a portion of the organisation’s IT system. This in turn caused a temporary shutdown of 23 out of 50 of its retail stores.
To safeguard against ransomware attacks, retailers must adopt a multi-faceted cybersecurity approach. Regularly backing up critical data and storing it offline is essential to ensure data recovery without resorting to paying the ransom. As retail shopping move towards more integrated experiences, the risks of a cyber security threat happening increase.
Retailers today move away from cash transactions to contactless options that include NFC-enabled cards and mobile wallets. Combine that with the integration of IoT devices such as smart shelves and inventory management systems, the points of weakness for infiltration are also magnified.
While NFC transactions transmit data within a very close range, making them more secure, there are still points of vulnerability. This includes data interception, relay attacks and data storage vulnerabilities.
Additionally, with the rise of IoT technologies including self-checkouts, retailers need to take steps to protect the data collected. This could include customer information from point-of-sale systems to product movement data from IoT devices across the supply chain.
At T-Systems, we work with retailers to safeguard their critical infrastructure from the top floor to shop floor in an age of IoT. You’ll be able to safeguard your networks and reliably mitigate any cyber security events.