Cyberpion released research today showing that most (83%) of the top U.S. retailers have connections to a vulnerable third-party asset, and nearly half of them (43%) have vulnerabilities that pose an immediate cybersecurity risk.
Before the pandemic, buy online, pickup in store (BOPIS) became hugely popular to consumers who didn’t want to have to wait for items to be delivered, pay for shipping or for those that wanted to avoid shopping in store altogether. However, as retailers adopted BOPIS, its rise flipped a switch and increased opportunities for fraudsters, enabling them to use stolen credit card information to make purchases online and then simply arrive at the store to pick up the item. So what can retailers do to ensure their customers are staying safe? Here are a few things to consider:
Department store chain Kmart has suffered a cyberattack by the Egregor ransomware operation, resulting in the encryption of devices and servers connected to the company’s networks. According to Bleeping Computer, online stores continue to operate, but the 'Transformco Human Resources Site,' 88sears.com, is currently offline, leading employees to believe the outage is caused by the recent ransomware attack.
This holiday season, more consumers than ever will be shopping digitally - and cybercriminals are already capitalizing on the opportunity. Greg Foss, Senior Cybersecurity Strategist at VMware Carbon Black, looked through the dark web to find that: There’s a continued rise in e-skimming attacks in the retail sector, where attackers inject JavaScript into website payment processing pages in order to siphon credit cards and account credentials from customers.
Keeper Security has examined new challenges for the retail industry as part of its Cybersecurity in the Remote Work Era: A Global Risk Report. With the holiday season quickly approaching, Keeper Security is issuing an advisory for retailers.
The NRF Foundation launched two new credentials in its RISE Up program in response to the coronavirus pandemic. The credentials focus on Retail Operations and Customer Conflict Prevention to further ensure retail workers — and the millions of customers they serve — can work and shop more safely and help keep the economy open.
The Retail Loss Prevention and Security Association will be hosting its THINK Tank II summit virtually on October 22. The association also launched a new website that coincides with the summit.
At NRF Protect this morning, loss prevention professionals discuss their tactics regarding COVID-19 response and the role of their departments in the organization.
The National Retail Federation (NRF) will be hosting the NRF PROTECT ALL ACCESS, a free, four-day online event taking place September 22 – 25, 2020, featuring dynamic speakers, a virtual expo highlighting 75 retail security collaborators and networking opportunities catered to the retail security community. With 16 sessions spanning topics from talent and culture to theft and fraud to cyber and digital crime, attendees will have access to the latest information for the loss prevention, asset protection and cyber risk communities.
The pandemic has redefined what it means to be a resilient business, especially when it comes to retail. “Essential” businesses that have remained open, such as supermarkets or pharmacies, have had to figure out how to operate safely in this new world. No matter the type of retailer, the importance of cybersecurity hasn’t gone away. If anything, it becomes more important as a cyber disruption could be the fatal final straw for a business looking for a smooth return to operations and maintain its brand image and reputation.
