Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value. Learn More

Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value. Learn More

Services
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

Database Security

Prevent unauthorized access and exceed compliance requirements.

Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Microsoft Security
Unlock the full power of Microsoft Security
Offensive Security
Solutions to maximize your security ROI
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

Threat Actors Zero in on Retailers as the Holiday Shopping Season Approaches

Trustwave SpiderLabs on October 29 will launch its second deeply researched look into the threats facing the retail sector.

The 2024 Trustwave Risk Radar Report: Retail Sector will cover in detail the threats facing the industry, the most prominent adversaries in the field, and the commonly used methods to attack retailers.

The main report is supported by two supplementary pieces:

  • Retail Sector Deep Dive: Rise of E-commerce Threats
  • Retail Sector Deep Dive: Fraud Targeting Retailers

All three reports, which build upon the earlier 2023 Retail Sector Threat Briefing and Mitigation Strategies, are the culmination of the effort of more than 250 Trustwave SpiderLabs cybersecurity experts across the globe, tasked to research the top threats in today's landscape. With an email security team dedicated to analyzing millions of phishing URLs validated daily, our Advanced Continuous Threat Hunting, Digital Forensics and Incident Response, Malware Reversal, and Database Security teams, we’re able to share insight into identifying how breaches in retail occur.

These activities are supported by the 200,000 hours of penetration tests we conduct annually that uncover tens of thousands of vulnerabilities.

The report offers granular information on retail's unique threat landscape, including the seasonality of cyberattacks, dependency on third-party suppliers, the physical security risks inherent in operating brick-and-mortar storefronts, and diverse payment systems that must be accommodated.

Some of the report's key findings are:

  • Most attacks originate with a phishing incident
  • Almost half of the stolen user sessions leverage Amazon domains
  • Brute-force techniques are the primary method used to gain credential access
  • Most ransomware attacks struck US targets.

When it comes to ransomware, the report found food and beverage retailers top attackers' target lists, followed by apparel and home improvement companies.

Another threat vector retailers must observe and defend against is fraud. Trustwave SpiderLabs found extensive evidence of sophisticated fraud schemes being used to target retailers, resulting in financial losses and reputational damage. Enhancing fraud detection measures, educating employees and customers, and conducting regular audits are essential steps to combat these schemes.

Trustwave will run three webinars offering a first-hand explanation of all three retail reports by the researchers themselves and an opportunity to ask questions:

  • Risk Radar: A 360-Degree View of Threats in Retail
  • A Deep Dive into Threats and Strategies for Protecting E-Commerce Data
  • Fraud Targeting Retailers: A Growing Threat

You can register here for all three webinars.

Please circle back to the Trustwave blog on October 29 and download your copy of the report for all the details on the threats facing the retail sector, along with instructions on how organizations can protect themselves during the upcoming holiday shopping season.

 

The Trustwave SpiderLabs Industry Report Series

The 2024 Trustwave Risk Radar Report: Retail Sector is the latest in a series researched and published by Trustwave SpiderLabs starting last year. Please visit these for our most recent research primary and complimentary reports:

To dive into earlier Trustwave SpiderLabs vertical sector research, click here.

ABOUT TRUSTWAVE

Trustwave is a globally recognized cybersecurity leader that reduces cyber risk and fortifies organizations against disruptive and damaging cyber threats. Our comprehensive offensive and defensive cybersecurity portfolio detects what others cannot, responds with greater speed and effectiveness, optimizes client investment, and improves security resilience. Learn more about us.

Latest Intelligence

Discover how our specialists can tailor a security program to fit the needs of
your organization.

Request a Demo