- A third British retailer was struck by a cyber attack
- The M&S incident is probably a scortedspider ransomware attack
- Retailers are at risk due to high time stopping costs
The Harrods luxury department has become the third British retailer to be struck by a cyber attack in a few days, the company restricting Internet access on its sites after trying to access its systems.
The incident closely follows the confirmation that an anterior attack targeting Marks & Spencer, causing generalized breakdowns in stores and the online retailer platform, would be the work of dispersed hackers.
The third incident, a cyber attack on the CO-OP retail giant, forced the supermarket to eliminate parts of its computer systems and take proactive measures to defend themselves against attackers.
There are certainly similarities between the reports of incidents, and in such a rapid succession, it seems that it can be a link between them, but the extent of the attacks remains to be seen – here is what we know so far.
No known link
Despite schedules and similarities, there is no official link between incidents, although it is likely that the three incidents are underway, so that more information can be revealed as the attacks take place.
In the meantime, security teams should be ultra -vigilant and should deploy the best ending points protection software to ensure the security of their organization.
EMEA’s executive vice-president of Sonicwall, Spencer Starkey, explains Ransomware, “holds the commercial operations of victims organizations, which has a unique impact on retailers and other organizations that provide daily direct services to their customers.”
As we saw in the continuous disruption of the M&S attack, these incidents can have a devastating effect, the course of the action of the supermarket falling 7%, causing millions of lost sales and stoppage time.
Starkey explains that these attacks are particularly harmful to retailers because they directly affect the revenue generation, which provides an additional lever effect to the attackers, and warns that companies should operate on the presumption that they will inevitably be targeted, it should therefore develop a full response plan.
Not so, but when
The concerns increases for companies across the country, and retail attacks have increased sharply since the development of AI tools designed to help cybercriminals to send more frequent and sophisticated attacks.
The chief of the National Cyber Security Center (NCSC), Dr. Richard Horne, warned that these attacks should serve as “alarm clock” to all organizations, and urges security managers to ensure that they have “appropriate measures in place to help prevent attacks and respond and recover effectively”.
The former NSA cyber-chief, Cody Barrow, also warns that the generator “accelerates the landscape of threats” and that sophisticated attacks such as social engineering and adaptive malware campaigns are now available for attackers even unskilled.
In particular, criminals are able to send an incredible number of social engineering attacks, which are specifically designed to encourage victims to give attackers access to their networks.
Best safety practices recommend using the best antivirus software, the best malware removal software and the training of all staff to recognize phishing attacks.
These attacks describe how vulnerable the sector is, and Barrow maintains that this is “due to the volume of customer data and the high cost of operational downtime”. However, the reality is that almost all sectors are faced with more threats than ever.
“The retailers must assume that these are targets. Response to repeated incidents, clear communication protocols and multi-factory authentication for administrative access are now essential. Terminals and response tools must be standard, and non -optional. For consumers, vigilance is crucial: updating passwords, monitoring financial activity and the watch for scams operating recent offenses. ”
