Almost half of retailers experienced a ransomware attack last year
This July, the Swedish grocery store chain Coop was forced to close all of its 800 stores for a day because their cash registers were inoperable due to a ransomware attack on US-based IT company Kaseya.
And they weren’t the only ones – Sophos estimates that nearly half (44%) of retailers suffered a ransomware attack last year and one-third of those whose data was encrypted paid the ransom to get it released. While the average ransom payment was $147,811, only 9% of organizations got all of their data back after they made the payment.
But, ransomware can affect a business in multiple ways, not just via the direct costs of keeping the company running. Businesses can also be harmed by increased cyber insurance rates, as well as additional PR and marketing expenses needed to rebuild customer and partner trust.
“A successful ransomware attack can literally cripple a business for days and leave them financially and reputationally scarred,” said Juta Gurinaviciute, Chief Technology Officer at cybersecurity company NordLayer. “That is why we always urge businesses to take precautionary means. Cybersecurity services are cheaper and far more effective when used for prevention, not damage control.”
However, there are ways of minimizing the risks and costs connected to ransomware attacks, and retail companies looking to up their cyber resilience should first consider applying these measures, adds NordLayer’s CTO:
- Recurring cybersecurity training for staff. Minimizing the human factor in possible breaches goes a long way since more than 80% of successful attacks rely on some form of human engineering.
- Have a stress-tested incident response plan. Regularly test the technology and the personnel.
- Have a backup that can be brought back even without access to all resources. Follow the 3-2-1 backup format: three copies of data on two different media, one of them stored off-site.
- Use third-party cybersecurity services. Don’t put everything on the company’s IT department – find a cybersecurity partner and let them do the heavy lifting.
A needed shift towards Zero Trust
Currently, the cybersecurity landscape is shifting from the traditional approach of walling in from outside threats to a more resilient, up-to-date approach using Zero Trust architecture.
With Zero Trust, every device and user are perceived as a threat and are only granted access to parts of the network essential to their task via pre-set access permissions. Even then, each user/device has to authenticate themselves before accessing the required resources constantly.
“Retail entities rely upon running a wide network of point sale and other types of devices, and their attack surface is larger due to that,” said Gurinaviciute. “That is why they should embrace Zero Trust. It not only lessens their chances of becoming a cybercrime victim, but if the unfortunate does happen, the outcome would be significantly less devastating.”
Even though Zero Trust has been around for years, the current cybercrime climate catapulted it to the spotlight. It’s now being embraced by both businesses and governments globally, with the United States government leading the way – president Biden ordered all federal agencies to fully deploy Zero Trust by September 2024.