Many recent cyberattacks have targeted retailers who are becoming increasingly vulnerable. In some cases, attacks on retailers have not only crippled business, but society as well. These attacks show how vulnerable society is and that security has not kept pace with digitalization. So how can retailers increase their security and stop this trend?
Cyberattacks against retailers
During the past year, multiple retailers have been subject to cyberattacks, including NA-KD, Synsam and tretti.se. In June 2021, the Bauhaus was hit by a major computer attack, which caused technical problems for stores in several countries. In Sweden alone, 22 department stores and 4,000 employees were affected by the drop in e-commerce, connections, business systems and stock data.
The latest report of major computer failures concerned the Coop food chain. 800 Coop stores were forced to close for several days due to a computer attack that paralyzed their payment system. The attack was part of a larger global event targeting US software company Kaseya. Several other Swedish and international companies were affected by the same event, such as the pharmacy chain Apoteket Hjärtat, the railway company SJ and the oil chain St1.
Why are attacks on retailers so serious?
Retailers are particularly vulnerable because they depend on their IT systems. For some, a large part of their sales is done on the internet. Since much of it is managed digitally, but lacks sufficient protection, there is a risk that retailers are unprepared for an attack. This could make it a target for cybercriminals.
As IT businesses increasingly rely on third parties and service providers, resilient supply chains become essential. Supply chains can often form complex networks of multi-level interconnected delivery chains, where different suppliers are linked to customers and also to each other. A breach in one of these links can have a direct ramification on a large number of companies. Effects can propagate from a local incident to a global incident in one instance, given that many IT companies and vendors are international. The attack that hit Coop targeted, as mentioned earlier, the software provider Kaseya. Kaseya has 37,000 customers and their software aims to ensure IT environments maintain good security. The attack therefore did not target Coop but a major supplier, which shows the extent of such an attack.
What can retailers do?
Virtually every business these days must rely on software supply chains, even with on-premises IT infrastructure and local maintenance. Additionally, all software, whether it is an operating system or a business application, needs updates from vendors to implement new features, fix bugs, or fix bugs. critical vulnerabilities. These updates are downloaded from the provider or another trusted party via the Internet. In some cases, portable media (eg USB) can be used to reduce the risk of them being altered by a malicious external actor.
When implementing software updates, it is good security practice to use only trusted sources and to verify the integrity of update packages by verifying that the HASH sum of each downloaded package matches the amount indicated by the supplier. But what if someone tampers with the package by placing an additional payload, like a backdoor, ransomware, or other malicious content on the package at the source, the provider? In this case, the provider’s infrastructure would have been hacked and the malicious content would be placed in the software package without the knowledge of the provider. For companies that use it or provide it to their customer, the integrity of the software packages would appear to be correct and the source would appear to be trustworthy.
Advenica has a unique high assurance solution, File Security Filter (FSS), to ensure the security of transferred files and greatly reduce the risk of transferring malicious file content placed in files such as software updates. FSS is an automated solution to scan and clean file content with over 30 anti-virus engines. The solution uses Advenica’s high assurance unidirectional gateways, data diodes, to ensure the highest possible separation of the customer infrastructure from external networks. The FSS provides the most secure and comprehensive up-to-date protection for enterprises against software supply chain attacks and other file-based vulnerabilities.
Do you want to learn more about File Security Screener? Learn more about the Solution!
Read more on what society can do to become less vulnerable!