Cybercriminals are leveraging big retail names in attacks this holiday season
New research shows Apple and Amazon are most vulnerable
Cyberattacks are on the rise all year round, but retailers face heightened risk in their busiest periods around the winter break, experts have warned.
In its 2024 Retail Risk Report, Trustwave has revealed more on what to be on the lookout for this holiday season.
As expected, phishing remains the most popular primary attack vector, with 58% of incidents originating this way. The abuse of valid accounts and exploiting vulnerabilities were also common access methods. Over 90% of credential access attempts were brute-force attacks - so automated hacking is the trend for this Christmas.
Ransomware continues to plague the retail industry, especially in the US - who saw 62% of attacks - although the disruption to the notorious Lockbit gang is represented by its drop from a 34% to 15% share of the incidents - joint top with Play.
Ransomware continues to rise
Credential stealers represent a significant threat to ecommerce platforms since they capture personal information from the victims device like payment details, login credentials, and system information.
The report found that large retailers are targets for info stealers thanks to their huge user bases. Monitoring ‘Russian Market’, a popular dark web marketplace that specializes in the sale of stolen credentials, the report found that Amazon.com (47%) and Apple.com (28%) saw the highest distributions of stolen user sessions.
Studies have shown the retail sector has been hit by more ransomware attacks than ever this year. Since the average data breach costs $3.5 million in the retail sector, the consequences of vulnerabilities can be enormous.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
The most targeted retail subsector is food & beverage retail, which accounted for 16% of the attacks, closely followed by apparel and home improvements retail - both at 15%.
It’s key for retailers of all sizes to be vigilant about their cybersecurity processes and conduct regular audits to combat the rise in sophisticated fraud schemes.
More from TechRadar Pro
- Take a look at the best ransomware removal around today
- Businesses expect cyber threats to rise, but aren’t ready for them
- Check out our pick for best antivirus software
Ellen has been writing for almost four years, with a focus on post-COVID policy whilst studying for BA Politics and International Relations at the University of Cardiff, followed by an MA in Political Communication. Before joining TechRadar Pro as a Junior Writer, she worked for Future Publishing’s MVC content team, working with merchants and retailers to upload content.