How Brick-and-Mortar Retailers Can Avoid Cyberattacks During the Holidays



Read Time

6 Minutes

Last Updated

Mar 28, 2024

table of contents

Holiday shopping is still happening even in this pandemic year — and not only online. Although the typical Black Friday and Cyber Monday crowds never appeared, the National Retail Federation expects brick-and-mortar retailers to reach $550 billion in holiday sales in November and December.1 This month, shoppers who are tired of staying home and are encouraged by the arrival of the COVID-19 vaccine could again choose to hit nearby retail stores for some last-minute gifts for friends and family.

Although e-commerce sites are frequent targets of cyberattacks, few people think twice about the safety of shopping in a store. But brick-and-mortar shops also need to be cyber smart because cybercriminals do target offline retailers. In August 2019, supermarket chain Hy-Vee disclosed a point-of-sale (POS) system security breach that exposed the payment details of 5.3 million payment cards.2 The popular retail chain Target was the victim of a POS attack in 2013 that exposed the payment card data of 40 million holiday shoppers.3

How Do Cyberattacks and Data Breaches Hurt Brick-and-Mortar Retailers?

Data hacks like these not only tarnish brands, but they also have huge financial costs. Cybercriminals used POS malware to steal the transaction data of 40 million Home Depot customers in 2014. This year, Home Depot paid $15.5 million to settle claims over the data breach.4

What Makes Brick-and-Mortar Stores Vulnerable to Cyberattacks?

The five most common vulnerabilities that make storefront retailers easy targets for cybercriminals are:

1. Unsecured POS Systems

Hackers can easily exploit an unpatched, unsecured POS system with malware designed to steal payment card and financial data. Sophisticated malware can also move laterally and infect a retailer’s IT network and critical databases.

2. Legacy Computer Software and Outdated Business Applications

It’s not unusual for retailers to run their systems and processes on legacy software. Using outdated or unsupported software and applications is a security risk. If there are vulnerabilities in legacy software, no patches or security updates will be available for them, leaving a retailer’s network vulnerable to major attacks.

3. Uninformed, Inexperienced Employees

Employees can turn into liabilities instead of assets if a retail store owner fails to train them in cybersecurity best practices. Some of the human errors that weaken a retailer’s security posture are unauthorized use of the company’s digital resources, like using devices for non-work purposes, and storing sensitive information in data sticks without password protection. Cybercriminals are also aware of these potential weak links, and they deploy phishing and social engineering tactics targeting employees to infiltrate networks.

4. Insider Threats

The retail industry has a high employee turnover rate, and it also relies on seasonal employees during busy periods like the holiday shopping season. Disgruntled former and current employees can steal sensitive information and sell it themselves or be lured by hackers to grant backdoor entry into a retailer’s network.5 A PwC report estimates that current and former employees are the likely sources of 30% and 26% of security incidents affecting organizations, respectively.6

5. Third-Party Risk

Retailers provide suppliers, distributors, contractors, and consultants with trusted access to their ecosystem. The security practices of these third-parties might not be robust enough. The PwC report cited above attributes 19% of security incidents to third-parties. Sophisticated attack vectors that gain access to an affiliate’s network can also spread to the retailer’s assets.

Learn about ColorTokens’ retail industry cybersecurity solutions
Learn about ColorTokens’ retail industry cybersecurity solutions Read More

How Can Brick-and-Mortar Retailers Protect Themselves Against Cyberthreats?

Retailers need to ward off cybersecurity threats not just to protect their customers’ sensitive data and PII but also to ensure business continuity. To secure their critical assets and avoid falling victim to a cyber incident during the busy holiday shopping season, these are the steps that brick-and-mortar retailers should take.

1. Protect POS Systems with Efficient Endpoint Security

While PCI-DSS principles go a long way in protecting customer card data, an endpoint security solution like ColorTokens Xprotect provides more meticulous protection to retailers. Xprotect enables security teams to lock down infected POS systems using application whitelisting technology that allows only authorized processes to run. Enabling process lockdown can protect POS systems from zero-day attacks, file-less malware, advanced persistent threats (APTs), and ransomware.

2. Train Staff and Manage Third-Party Risks

Retailers should educate their staff about cybersecurity best practices to make them aware of device usage policies, data encryption requirements, and phishing attacks. Store owners can manage third-party risks by verifying the security posture of affiliates. They should bring onboard entities only after they complete the required cybersecurity certifications.

3. Control Access with Zero Trust Security

Retailers need to implement stringent data access controls to protect against known and unknown threats. Adopting zero trust principles is a proactive security approach. It minimizes the attack surface and limits access to data and applications only to authorized and authenticated users. ColorTokens Xtended ZeroTrust Platform helps retailers comply with regulatory mandates and protects their networks from insider threats.

4. Gain Visibility into Network Traffic

Without visibility into East-West server traffic, it is almost impossible to detect hackers once they gain access to the network. ColorTokens Xshield provides granular visibility and control over network communications and server traffic. With cross-segment traffic visibility, a retailer’s security team can detect suspicious behavior and inspect affected systems or applications. Complete visibility also simplifies PCI-DSS compliance and reduces the scope of audits.

5. Isolate and Protect Critical Assets with Microsegmentation

Retailers should secure sensitive and critical assets — such as POS systems, cardholder data, servers, CRM, and databases — by isolating them with the help of microsegmentation. In the event of a breach, the security team can isolate these critical assets and block lateral movement, effectively reducing the attack surface. ColorTokens Xshield enables software-defined microsegmentation that creates logical segments without complex rules and configuration.

Since people still ventured out to shop on Black Friday and Cyber Monday, brick-and-mortar stores should be prepared to see holiday shoppers in their shops. Retailers should also prepare to protect their brands and their businesses by adopting the proactive zero trust security model, which encompasses microsegmentation, granular access control, and continuous monitoring of network traffic. Zero trust security can help retailers reduce their attack surface and protect their networks from inside and outside threats.