5 retail cybersecurity statistics to help you understand the threat landscape

A cyberattack that disrupts business operations can have huge consequences for retail enterprises. Whether a network compromise takes the e-commerce site down or causes POS failures, shipping software interruptions, or wide-scale outages, revenue and consumer trust are on the line.

With consumer spending reaching an all-time high of nearly $14 trillion in the fourth quarter of 2021, retailers benefit from adopting new technologies that make it easier to sell and distribute goods to their customers. Contactless payment systems, convenient fulfillment options, and many other technological adoptions help increase productivity and enhance customer experience. But these technologies also make retailers enticing targets for cybercriminals.

The following statistics help retail security teams understand the current threat landscape to better arm their defenses and response tactics to network threats. 

5th most targeted industry worldwide 

According to the annual X-Force Threat Intelligence Index, retail attacks were down from 10% to 7% worldwide, but retailers and wholesalers still ranked in the top five most attacked industries in 2021. Wholesale organizations, in particular, accounted for 65% of their industry’s attacks. This may be partly due to the rise of supply chain attacks in 2021.

IBM reported that the most common types of cyberattacks included:

  • Business email compromise
  • Server access
  • Data theft
  • Credential harvesting

These findings make it clear that retailers must continue to strengthen their efforts. While they are no strangers to cyberthreats, the methods retail enterprises use need to keep pace with the evolving threat landscape.

99% of retail cyberattacks are financially motivated

A 2020 report by Verizon found that cyberattacks on retailers were almost exclusively motivated by financial gain. This stat should come as no surprise. But it does raise the question of how much a breach actually costs an organization.

A study by Ponemon & IBM provides some insight into this question. According to the 2021 Cost of Data Breach Report, the average retail data breach cost rose from $2.01m in 2020 to $3.27m in 2021 (a 62.7% increase). Retail was not the only industry that saw its data breach costs increase, which only highlights the unfortunate gains cybercriminals continue to see.

The Verizon report also revealed the tactics and aims of those cyberattacks. The most common data stolen included payment data and personal credentials. And the most common breach points were cloud resources—a move away from POS systems. This finding indicates that retailers need more robust defenses against the widening attack surface. Retail security teams need tools that can bridge cloud, virtual, and hybrid environments to detect, investigate, and respond to threats. 

57% of attacks on e-commerce sites were carried out by bots

A 2021 report by Kasada found that over half of the attacks on e-commerce sites were carried out by bots. In addition, the report revealed that monthly bot activity was on the rise, up an average of 13% per month year over year.

Malicious bot activity is alarming from a cybersecurity perspective because bots can overwhelm systems and processes. Bots can launch DDoS or credential stuffing attacks against sites, and they can clog email servers with spam. This can slow networks and increase business process friction.

This kind of network fatigue can also cause human fatigue, leading to errors in judgment or process lapses as staff try to just get through the massive amount of activity. Being able to lean on cybersecurity tools to weed out false positives and provide contextual alerts and analytics is essential to keeping the network safe and the security team sane and productive in threat response.

38% of breaches stemmed from phishing attacks

The X-Force Threat Intelligence Index also revealed that 38% of attacks on wholesalers were from phishing tactics. While phishing has been around since the early days of email, the tactics have grown increasingly sophisticated.

Even people relatively literate in email scams may fall prey without due diligence. Sophisticated tactics, like spear-phishing and whaling, have upped the social engineering aspect of phishing. In part, retail IT teams can educate coworkers on the tactics and provide examples and training around phishing. But, as indicated by the 38% figure, the reality is that many people still fall for sophisticated phishing attacks.

Having a tool that can actively scan the network for abnormal device behavior and assess device risk in real-time can help security teams quickly identify a compromise before it has a chance to do damage.  

62% of consumers would blame a company for a cyberattack

Consumer trust can make or break a brand. Companies that are not deemed trustworthy, especially from a digital perspective, will undoubtedly lose market share as the world becomes more digitized. Unfortunately for retailers, a recent RSA survey revealed that 62% of consumers would blame the company that lost their data in a breach. Preventing a breach, then, not only would save you the headache of network downtime and any immediate financial loss, but it would also avoid a blow to customer trust. 

In addition, the respondents said that they would expect more responsiveness and transparency when a data breach did occur. That means companies need to know when the network was compromised, how it happened, and what data was breached. However, for teams to know this, they need rich data to conduct forensics. 

As you can see, the threat landscape for the retail sector is vast and consequential. Read our case study for the retail industry to see how an NDR platform can help retailers defend themselves against these cyber threats.