The Top 5 Cyberthreats to the Retail Industry and How to Prevent Them


Macy’s, Adidas, Panera Bread and Chili’s are just a few of the retailers and merchants who have fallen victim to cyberattacks in the last few months, putting payment card data and other personally identifiable information (PII) at risk for thousands of customers. Although there is no end in sight to the relentless attacks on the industry, research shows that with the right threat intelligence retailers can take a proactive approach to limit the impact of attacks and even proactively prevent breaches.

On an ongoing basis, Visa tracks global breach trends affecting retailers and other merchants. In 2017, their research confirmed that the U.S. and Europe were the top two regions for payment data breaches. While more breaches are occurring at e-commerce merchants (41%), most of the leaked data comes from the largest brick and mortar entities (85%). Cyber criminals have set their sights on restaurants, retailers, business-to-business and lodging (hotels/hospitality) merchants. However, attacks on “agents” (banks and payment processors) are also on the rise.

While it’s safe to say that no organization is immune, by analyzing and understanding each event, retailers, merchants and agents can improve their controls. Threat actors are reusing the same tactics – specific malware, targeted vulnerabilities and preferred infrastructure – to execute attacks across the industry. In the process, they are leaving a trail of breadcrumbs, or indicators of compromise (IoCs), that provide insights into threats. Leading retailers using these indicators to their advantage; they’re learning from history to strengthen defenses and mitigate risk sooner.

Visa identified the five most common cyberthreats that affected retailers in 2017 and what we can expect through 2018 and beyond. The report provides details on the IoCs related to these threats, including network and host-based indicators, the threat actors represented and the attack phase associated with each. It also offers controls and activities that retailers and merchants are using to detect and respond quickly to suspicious events to more effectively manage threats and protect their brands.

Download The Top 5 Retail Point-of-Sale Cyberthreats  by Glen Jones, Visa Threat Intelligence, to get the details and learn how to protect payment card data and other PII and join us at the Retail Cyber Intelligence Summit 2018 on October 2nd and 3rd in Denver, Colorado.



Blog Archive

About ThreatQuotient™

ThreatQuotient™ understands that the foundation of intelligence-driven security is people. The company’s open and extensible threat intelligence platform, ThreatQ™, empowers security teams with the context, customization and prioritization needed to make better decisions, accelerate detection and response and advance team collaboration.
Share This