The global retail sector continues to accelerate its move to greater digitization with commentators attributing the ‘death of the high-street’ to the trend. In the US alone, e-retail sales exceeded $5.2 trillion in 2021, and early estimates suggest the 2022 figure could be close to $6 trillion. While online shopping continues to grow exponentially, it’s not only online retail driving digitization. From warehouse logistics to sales analytics, to mergers and acquisitions, businesses are embracing digitization as a driver of efficiency. But along with all the advantages of greater interconnection, businesses must now grapple with the growing cyber risks associated with their expanded attack surfaces against the backdrop of cyber criminals seeking access to the rich data-stores held by organizations in the retail space.
Retail remains one of the most vulnerable sectors to cyber-attacks. Retail companies are very publicly visible organizations and contain vast amounts of personal and financial information which is easily monetized by criminals. Online shopping demands consumers to create dozens of unique accounts which improves user experience, but individuals often use the same credentials for multiple accounts which means that a data leak from one vendor could put multiple user accounts at risk.
Over the course of 2022, criminals increasingly turned toward credential theft, spoofing and stuffing to target this multi-billion-dollar industry’s online infrastructure.