Retailers — understand your cyber risk
Digitisation of the supply chain and the hybrid working environments accelerated by Covid-19 have increased the points at which cyber attacks can happen.
The attack on Tesco over the weekend of 23-24 October has highlighted the importance of ensuring that retailers' systems are as safe as they can be; not only in how they interact with their consumers but also in how their internal systems and infrastructure are protected when being accessed from the homes of their own workers.
According to one analysis there were 304.7 million ransomware attacks – where data is encrypted and cash is demanded for its release – in the first six months of 2021. For retailers, attacks specifically against their supply chain are increasing as well, with the European Union Agency for Cybersecurity predicting that the number of such attacks will increase fourfold compared to last year.
For these sorts of attacks, the digitisation of the supply chain, as well as the hybrid working environments of retailers' employees accelerated by the pandemic, has increased the points at which these attacks can happen. This is a new danger faced by retailers, who previously had better control over their networks. Now, as people log on from home to retailers' systems, there are potentially hundreds of vulnerable devices for attackers to exploit.
Those products which have time-sensitive elements in their supply to the ultimate consumer or which, for example, need to be kept at particular temperatures are more at risk. Attackers could turn off a warehouse's fridges and disable the alarms that would warn that the temperature was changing.
In order to prepare for such attacks, retailers should look to undertake various steps as part of their strategy for dealing with them:
- Educate personnel – this is especially acute where some or all of the workforce work from home, some or all of the time. Unfortunately, a lot of the time the human element is the weakest link (simple passwords, phishing).
- Assess suppliers – what is the approach to risk of the various suppliers to Well? What is the amount of data shared with the suppliers and over which platforms?
- Have a ransom policy – it can be tempting to pay these. The average payment in 2021 has been over $170K. However, if a ransom is demanded, there is still no guarantee that you will get back the data which has been lost. Some attackers are even providing references from entities whose data they have stolen previously and who, upon payment of the ransom, have retrieved their data.
- Prepare for the worst case – if you are prepared when an attack does happen, the impact can at least be minimised and you can recover quickly.
- Cyber hygiene – the impact of attacks can be lessened with some relatively simple steps like backing up data, ensuring passwords are strong, educating staff and ensuring software is up to date. There are also organisations which can simulate attacks and determine how prepared a company is.
The European Union Agency for Cybersecurity is predicting that the number of such attacks on the supply chain will increase fourfold compared to last year.