Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value. Learn More

Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value. Learn More

Services
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

Database Security

Prevent unauthorized access and exceed compliance requirements.

Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Microsoft Security
Unlock the full power of Microsoft Security
Offensive Security
Solutions to maximize your security ROI
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

Trustwave SpiderLabs 2024 Trustwave Risk Radar Report: Defining the Cyber Assault on the Retail Sector

The holiday shopping season is almost here, and according to the 2024 Trustwave Risk Radar Report: Retail Sector, threat actors have honed their skills and are prepared to use ransomware and phishing attacks that leverage well-known online brands to conduct direct attacks and fraud operations against retailers and consumers.

Skills they will then use to infiltrate retail organizations of all types throughout the rest of the year.

The report, which follows up on the well-received 2023 Trustwave SpiderLabs’ Threat Briefing and Mitigation Strategies, is the culmination of months of effort by more than 250 Trustwave SpiderLabs cybersecurity experts from across the globe, tasked to research the top threats in today's retail landscape. The report focuses on the unique threats retailers cope with daily, how attackers have tailored their tactics specifically for retail targets, and how the inherent complexity of the retail environment offers an adversary a myriad of potential attack vectors.

Most importantly, the report contains mitigations that an organization can take to best protect itself.

Some of the report's key findings include:

  • 58% of attacks originate with a phishing incident
  • 47% of stolen user sessions leverage Amazon domains
  • 15% of ransomware attacks are attributed to the threat groups Play and LockBit
  • 62% of ransomware attacks struck US targets

Additional in-depth information on these topics is included in the report.

A few salient points noted in the report bring into focus the need for retailers to ensure their security is ready. The average cost of a retail-sector data breach is $3.5 million, but the potential reputational damage to organizations that count on repeat business from brand-loyal customers is potentially catastrophic.

Staples, Ace Hardware, and Home Depot were all hit with attacks within the last 12 months. The severity of these attacks was telling, with data on 10,000 Home Depot employees being exposed, Staples and Ace Hardware each having customer PII stolen and systems knocked offline. The report is accompanied by two focused pieces of research.

The deep dive into e-commerce threats examines the risks e-commerce platforms encounter and provides mitigation guidance, empowering organizations to keep e-commerce environments and customer data safe. The report covers some common methods threat actors use to gain access, such as buying log stealer results, using web shells, and credential stuffing, along with the different vulnerabilities attackers favor for exploitation.

The Fraud Targeting Retailers report looks at how threat actors attempt to convince consumers and employees to voluntarily turn over valuable personally identifiable information (PII) through a massive number of scams that can be almost impossible for the average person to discern as fraud. This information can then be used to further defraud or attack retailers.

 

Understanding Retail-Specific Threats

As noted in earlier Trustwave SpiderLabs’ research reports, seasonality, third-party partners, the franchise model, and protecting brick-and-mortar stores and facilities play a large role in the cybersecurity problems facing any organization, but are particularly a concern for retailers.

During high-volume shopping periods, retailers are inundated with orders, transactions, and consumer requests, which strain their security resources, thus opening holes that aggressors can manipulate to their advantage.

The report details the threat posed by potentially unsecure third-party partners and how retailers face attacks from two flanks by having to protect their cyber and physical environments.

Finally, franchisees often operate semi-autonomously, which can lead to inconsistencies in security practices across different locations, again multiplying the security problem.

 

Defining Attack Techniques

Knowing and preparing for an attack is only half the battle retailers face. The latter portion is understanding a threat actor’s plan of attack, how they will gain entry and then move once inside, which is critical to halting an incident.

In the report, Trustwave SpiderLabs explains the initial access techniques, execution methodologies, how critical credentials are accessed, lateral movement, and how persistence is maintained. Understanding these steps is key for a security team as each can be defended, giving an organization multiple opportunities to mitigate an attack.

 

Upcoming Webinars

Trustwave will run three supporting webinars offering a first-hand explanation of all the retail reports by the researchers themselves and an opportunity to ask questions:

  • Risk Radar: A 360-Degree View of Threats in Retail
  • A Deep Dive into Threats and Strategies for Protecting E-Commerce Data
  • Fraud Targeting Retailers: A Growing Threat

You can register here for all three webinars.

 

Download the Report

We encourage you to download the 2024 Trustwave Risk Radar Report: Retail Sector along with the deep dives Rise of E-Commerce Threats and Fraud Targeting Retailers. Each resource highlights the escalating cyber threats facing the retail sector, particularly during high-volume shopping periods, like Black Friday and Cyber Monday. With ransomware and phishing attacks becoming increasingly sophisticated, retailers must be vigilant and proactive in their cybersecurity measures. highlight the escalating cyber threats facing the retail sector, particularly during high-volume shopping periods. With ransomware and phishing attacks becoming increasingly sophisticated, retailers must be vigilant and proactive in their cybersecurity measures.

ABOUT TRUSTWAVE

Trustwave is a globally recognized cybersecurity leader that reduces cyber risk and fortifies organizations against disruptive and damaging cyber threats. Our comprehensive offensive and defensive cybersecurity portfolio detects what others cannot, responds with greater speed and effectiveness, optimizes client investment, and improves security resilience. Learn more about us.

Latest Intelligence

Discover how our specialists can tailor a security program to fit the needs of
your organization.

Request a Demo