Australian retailers are being warned to be on their guard to the heightened risk of cyber-attacks from state sponsored attackers and cybercriminals. Ransomware gangs and other threat actors are seeking to exploit the current chaos. It is critical that Australian retailers take steps now to ensure their businesses and customers are protected.

Australian retailers operating bricks and mortar stores and online are at the forefront of the intersection between customer expectations and experience, and the need to manage and operate complex technology. Retailers are more exposed to cybersecurity risks because they use a blend of technologies across the business and point-of-sale networks. This creates more potential vulnerabilities in their environment to exploit. 

A key element of any customer experience is trust. Trust that the item they buy performs as expected. And trust that their personal data – everything ranging from names, addresses and phone numbers needed for invoices and warranties – as well as payment information is protected from online criminals.

There is a lucrative online marketplace for personal data. According to research, credit card details can fetch hundreds of dollars on the dark web. That makes transactional data extremely valuable to criminals. It’s little wonder that cybercrime has overtaken the illicit drug trade when it comes to profitability for criminals and if it were a country, it would be the world’s third largest economy behind the USA and China.

The other aspect is reliable access to systems. Retailers are a prime target for ransomware gangs. And with the average revenue of a supermarket at just over $1.1M per week, even a short outage can cost hundreds or thousands of dollars. And like stolen credentials, the payoff for threat actors is financial. Would a supermarket chain pay thousands of dollars for the decryption keys after a ransomware attack to prevent much bigger losses? That’s the question criminals ask when attacking retailer systems.

Cybersecurity experts talk about the attack surface – the outward facing parts of your systems that can be accessed and exploited. For retailers, the attack surface is far broader than it may seem. When Target in the United States was attacked in 2013, its point-of-sale systems were breached when the user account of an air conditioning mechanic was compromised. The attackers, over many months, used that account to work their way through other systems before hitting their ultimate goal and stealing hundreds of millions of customer credit card details. 

The retailer attack surface extends to wholesalers, logistics companies and other business partners and across in-store and online. Whilst the threat landscape does continue to evolve, the picture is not all bleak for retailers seeking to defend themselves against cybercriminals. There are several things that can be done to protect systems from the theft of customer data and other attacks such as ransomware.

Keeping systems updated and up-to-date is critical. Many retailers use tools that are specifically designed for them such as POS and eCommerce systems. These systems are sometimes built on ageing technologies, with some platforms operating on obsolete operating systems like Windows 7, which is extremely high risk and no longer supported with security updates. Keeping all software and systems updated with the latest patches, ensuring up-to-date security software is in place, and providing security awareness training to all staff can go a long way to reducing the risk of an attack.

It’s also important to understand what systems are being used, who has access to them and how different systems interact. Enabling and mandating tools such as multi-factor authentication can protect a retailer from the consequences of a stolen password. And ensuring that individuals and systems can only access the data they need minimises the risk of an attacker moving between different systems if they happen to find a way in.

Retailers also need to consult with cybersecurity experts that can test their defences, find vulnerabilities, and provide actionable advice on mitigating the risks of an attack. Experts know the tactics that threat actors are using so you can quickly minimise the risk and improve defences. 

The combination of the fast-paced retail environment where even small disruptions can translate into significant financial losses, ageing systems and a treasure trove of valuable data makes retailers a prime target for cybercriminals. By partnering with experts, taking steps such as multi-factor authentication, and ensuring that access is tightly secured and closely monitored it’s possible to minimise the risks and continue to create secure, frictionless, and reliable customer experiences.

Michael McKinnon is chief information officer at Tesserent.