What were the most common cyber attack patterns in the retail industry in 2023?
In support of Cybersecurity Awareness Month, we are examining reported incidents by industry. The focus of this article will be the retail industry.
With a wealth of payment data and countless entry points from e-commerce shops, third-party vendors and physical store locations, the retail industry is teeming with opportunities for threat actors to capitalize on for financial gain.
In fact, to nobody’s surprise, the Verizon 2023 Data Breach Investigations Report (Verizon DBIR) found that 100% of the reported incidents were financially motivated, and 37% specifically targeted payment card data.
So, what were the most common cybersecurity attack methods in the retail industry in 2023?
According to the 2023 Verizon DBIR, nearly 90% of all reported incidents in the retail industry were from social engineering, system intrusion or basic web application attacks.
Social Engineering and the Retail Industry
One of the usual suspects in the cybersecurity world, social engineering is a common, yet extremely effective, tactic. Threat actors prey on human nature to manipulate individuals into exposing sensitive information. In the context of the retail industry, this can include manipulating someone into providing access to customer databases with payment card data, company network information or customer credentials.
System Intrusion and the Retail Industry
System intrusion may seem like a straightforward concept, but it’s still a commonly reported attack pattern that many retailers aren’t completely protected from. System intrusions involve cases in which a threat actor uses technological means to gain unauthorized access to a system or database. Mostly reported as hacking or deploying malware, this attack method also includes ransomware, which is a growing issue for retailers. A recent report suggests that there was a 75% increase in the rate of ransomware attacks on the retail sector in 2022.
Basic Web Application Attacks and the Retail Industry
A very simple attack method, basic web application attacks are akin to a smash-and-grab in the cybersecurity world – get in, get the goods and get out. In the retail world, web applications commonly take the form of an e-commerce website or app, as well as third-party sites, plugins, vendors and supply chains, all of which can hold a treasure of payment, personal and proprietary data.
The good news is the risk of basic web application attacks can be mitigated with automated security tools, multi-factor authentication, best-practice controls and proactive incident response planning. While protective measures aren’t error-proof, they do offer some peace of mind.
This article is part of a series highlighting the most common cybersecurity incidents by industry and is based on data from the 2023 Verizon DBIR. Additional articles include:
- Protect Your Financial and Insurance Data: 3 Common Cyber Attack Methods to Watch Our for in 2023
- Protect Your Students, Faculty and Staff: 3 Common Cyber Attack Methods to Watch Out for in 2023
- Protect Your Manufacturers: 3 Common Cyber Attack Methods to Watch Out for in 2023
- Protect Your Patients and Their Data: 3 Common Cyber Attack Methods to Watch Out for in 2023
- Cybersecurity Awareness Month Celebrates 20 Years
It is important to note that the data referenced is from organizations that chose to disclose incidents and data breaches.
About Cybersecurity Awareness Month
Since 2004, the United States and Congress have recognized October as Cybersecurity Awareness Month to raise awareness about the importance of cybersecurity in the public and private sectors and tribal communities. The year marks the 20th year anniversary of Cybersecurity Awareness Month and this year’s campaign, Secure Our World, focuses on four ways to protect yourself, your family and your business from online threats.
Related Resources
- CISA – Secure Our World Homepage
- CISA – 4 Things You Can Do To Keep Yourself Cyber Safe
- Schneider Downs Cybersecurity Resource Library
- Verizon 2023 Data Breach Investigations Report
About Schneider Downs Cybersecurity
The Schneider Downs cybersecurity practice consists of experts offering a comprehensive set of information technology security services, including penetration testing, intrusion prevention/detection review, ransomware security, vulnerability assessments and a robust digital forensics and incident response team. In addition, our Digital Forensics and Incident Response teams are available 24x7x365 at 1-800-993-8937 if you suspect or are experiencing a network incident of any kind.
To learn more, visit our dedicated Cybersecurity page or contact the team at [email protected].
Want to be in the know? Subscribe to our bi-weekly newsletter, Focus on Cybersecurity.
