Trend Micro has released a new report warning retailers of a major ransomware threat to their business ahead of a make-or-break holiday shopping period.
Research suggests that UK shoppers are set to halve their Christmas spending this year and focus their efforts on Black Friday bargains, forcing retailers to fight for every last penny.
However, new Trend Micro data reveals that three-quarters (74 per cent) of global retailers have been hit by a ransomware compromise over the past three years. Some 88 per cent of these had data encrypted and 79 per cent had that information leaked online by their exporters.
A further 86 per cent said the compromise impacted operations, which 80 per cent claimed took days or weeks to recover from.
“Threat actors are past masters at choosing the perfect moment to strike in order to optimise their potential ROI, so expect more targeted ransomware attacks against retailers in the run-up to Christmas,” said Bharat Mistry, technical director at Trend Micro. “Whether it’s an operational outage or a breach of customer/employee information, a serious attack could cost retailers dear, but many don’t currently appear to have adequate protection or detection and response capabilities in place.”
In fact, nearly half (47 per cent) of those surveyed by Trend Micro say they aren’t adequately protected from ransomware threats at present, or they don’t know.
A key problem could be visibility into threats targeting an extensive supply chain.
Over half (54 per cent) claim a supplier has been compromised by ransomware in the past, and most (54 per cent) believe their partners make them a more attractive target.
They could be right. Over three-fifths (62 per cent) say a “significant” proportion of the supply chain is populated by SMBs – which could be less well protected than larger firms with more resources to spend on security.
Yet despite acknowledging these risks, retailers are struggling to gain insight into their attack surface. Half or fewer respondents say they can detect key ransomware activity such as data exfiltration (50 per cent), initial access (48 per cent) and lateral movement (38 per cent).
This lack of visibility may be why relatively high numbers of respondents admit to not sharing threat intelligence with partners (29 per cent) and suppliers (43 per cent), which could otherwise help to improve supply chain security.