Retailers encouraged to ‘trust nothing, verify everything’ in a bid to protect against increasing scale and sophistication of cyberattacks

Ransomware in retail is arguably the closest the public gets to seeing the devastation of cyberattacks. One day everything at the local store is normal; the next, it can’t process card payments, restock shelves or perform even the simplest of automated tasks. One week, children are enjoying their favourite snacks; the next, the products are nowhere to be found on the shelves. It’s easy to imagine how financial and reputational loss can build if the effects of a ransomware attack run into weeks or months.

The retail industry’s growing dependence on data and connectivity makes it a lucrative target for cybercriminals. When a retailer is held to ransom by cybercriminals, the loss of business, customer loyalty, and even livelihoods becomes a real possibility. Zero Trust security principles are the most secure means to manage access without sacrificing productivity across the organisation itself and the many components of the supply chain.

Thousands of entry points demand a zero-trust approach 

Since retail networks are highly connected both internally and with their suppliers, an attack can start from a poorly protected endpoint, point of sale (POS) system or any one of thousands of connections along the supply chain. It is therefore essential for retailers to take a fully comprehensive view of their business and be aware of all entry routes as they consider how best to thwart cyberattacks.

As retailers experience a sharp increase in the amount of data they’re using, they’re also seeing a growing number of endpoints benefitting shoppers’ experiences, such as smartphone apps and kiosks, which all expand the attack surface.

It’s not only the customer-facing tech that’s vulnerable. The IoT-enabled warehouse, supply chain software, connected partners, or even the electric delivery van are all possible entry points for an attack. In fact, the software supply chain has been increasingly used as an attack vector across industries in recent years because the potential impact and spread of a supply chain attack can be far greater than targeting an individual victim. Once attackers are inside, they can access product, financial, and personal information on the business, its partners and customers.

With so many potential ways to start an attack, it becomes a cybercriminal’s playground. To address this, retailers need to implement a Zero Trust architecture which trusts nothing and continuously verifies everything. In Zero Trust security, no user can access anything until they prove who they are, that their access is authorised, and they’re not acting maliciously.

However, this continuous validation approach introduces a conflict with the uninterrupted, ‘Zero Touch’ experience that users crave. Machine learning and predictive AI enable Zero Trust security mechanisms to block attacks while dynamically adapting security policy enforcement based on criteria like location, device handling, and other behavioural and contextual factors that can also protect against human error and well-intentioned security workarounds. Such tools can improve the user experience by minimising disruptions and the need to reauthenticate across multiple devices and applications unless warranted, providing the user with that Zero Touch experience in a Zero Trust environment.

Don’t be a victim - revise the attackers’ handbook for retail ransomware

Retail cyber teams must be on the lookout and prepare for new crime techniques deployed specifically for their environment.

Retail POS systems continue to be a lucrative target as cardholder data flows between consumers and retailers. Access to such data should therefore be tied to job functions, such as managers. Equally, all endpoints through which it could be accessed should be carefully planned and monitored from a single console, helping to avoid vulnerabilities posed by gaps in responsibility and ownership.

Next, it is vital to check all system layers for hidden malware. Ideally, a team would do this on a regular basis. Without checks, some breaches could go unnoticed for months, hidden amid the multitude of layers of retail software used by any one organisation. During that time, hackers can quietly move around the network exploring the systems and setting up tactics to engineer the most effective attack possible.

Organisations should deploy a defence-in-depth approach to cybersecurity technologies to ensure no layer of the system goes unchecked. Ordinarily, this might take weeks or months, but with AI, machine learning and, when needed, the assistance of an outsourced managed services team, the job can take a fraction of the time. By sweeping the environment regularly, teams can detect any deviations from the norm faster. Meanwhile, if a dormant threat is found, incident response teams can stop executions before they strike. This wealth of experience allows retailers to focus on key security initiatives, rather than spending time and valuable resources recovering from breaches or triaging endless alerts.

Depending on the size of the compromised organization’s customer base, the impact of a supply chain attack can be huge (BlackBerry Threat Report).


Pre-empt, Prevent, Protect

As retail environments transform from traditional storefronts to robust digital businesses, this famously diverse industry is united in its vulnerability to modern threats.

To protect our stores and favourite snacks from attacks, it’s essential to protect the integrity of transactions, customers’ data, and retail partnership networks with an AI-based Zero Trust architecture, along with robust security practices. Zero Trust strategies and the right collaboration tools are essential to assuring effective security controls are in place to manage access both inside and outside of an organisation’s IT environment and are key to managing the threat surface exposed to cyberattack.

The scourge of ransomware in retail can be curbed – but it will take the whole industry working together using contemporary approaches with an eye towards preventing the attacks before they gain traction.

Exploiting trust in the supplier accounted for nearly 62% of attacks on customers (ENISA report).

This article was also published in The Retailer, our quarterly online magazine providing thought-leading insights from BRC experts and Associate Members.