Macrium company logo

2 Aug 2022

The retail industry is not exempt from cyberattacks. The Covid-19 pandemic has changed shopping from in-store to online. However, our overall reliance on digital technology has transformed retail. Cyberattacks cost retailers millions of dollars in ransomware prices. With today’s digitally focused business environment, investing in cybersecurity is a top priority.

Let’s review the current state of cybersecurity in retail and how preparation can save this sector from corrupt hackers.  

How Is Retail a Target for Cyberattacks?

A main driving force for why cyber attackers target the retail industry is customer information. Credit card payments and personal information are highly advantageous to cybercriminals. Storing online data to re-enter shopping accounts is risky if there is not proper cybersecurity established. 

IT Pro published an article about why retail is ranking in cyberattacks. Criminals who have access to customer databases “can send phishing emails pretending to be a legitimate business.” At this time, they can “ask for personal details, send malicious links, or include malware that can wreak havoc on a customer’s PC.” 

The article also signifies this risk is not exclusive to online shopping. The Internet of Things (IoT) is practicable in today’s business environment. Physical objects integrate with technology to be more available and adaptable. IoT devices in the retail industry include point of sales (PoS) systems and security cameras. As they incorporate technology features, there is more access for hackers. Malware-infected PoS systems are a threat to the private information of businesses and customers.

Progressive technology gives cyber attackers multiple points of entry. The retail industry can avoid costly repairs and preserve the image of its business. For either online shopping or in-person, establishing basic cybersecurity protocols is a preventative defense. 

The Consumer Goods Forum reports that “retail is more vulnerable to cyberattacks due to the nature of its online traffic and the design of its e-commerce websites.” Phones, stored customer data such as payments and personally-identifying information, and online shopping convenience make enforcing cybersecurity a challenge.

User-friendliness is a conflict. Retailers worry that “robust security measures can make the purchasing process seem time consuming and difficult, driving customers to abandon purchases.” If a customer-focused retail approach overshadows security measures, hackers will continue to plague retail industries. This is one obstacle the retail industry encounters when balancing between security and customer satisfaction. 

However, retailers who have not yet experienced cyberattacks or are unaware of current threats will soon realize that it’s not one of the other. Cybersecurity plays a considerable role in the authority, trustworthiness, and reliability of a company. In the worst cases, customers will leave a company when their personal security is at risk. 

Aftermath of Ransomware on the Retail Industry

Beyond the first sting of a cyberattack hit, there are other consequences that ruin a business. Retail Touchpoints lists five impacts regulations and investigations have on retail companies:

  • Financial exposure
  • Reputational risk
  • Limited options given the optics of litigating against the government
  • Time and resource-intensive
  • Business disruption

These impacts are critical for retail businesses to see that there are not only financial losses, “but also the potential for brand damage and loss of data.” The article shares two types of data: customer-related and intellectual property linked to confidential business operations. 

Online shopping opens the doors for us to purchase global goods and services. The U.S. economic regulations don’t always agree with those in Spain or the Netherlands. Cybersecurity practices from one country to another can lead to gaps in cyber safety across the marketplace. Along with the changing landscape of how technology is distributed and used in retail, it can be hard to keep up and maintain standardized cybersecurity. 

What Are the Responses for Ransomware and Encryption in Retail?

The Sophos’ State of Ransomware in Retail 2021 (PDF) surveyed “5,400 IT managers across 30 countries [with] 435 respondents from [the] retail sector.” The key findings from the survey showed: 

  • Ransomware hit 44% of retail organizations in 2021
  • Cybercriminals encrypted 54% of organizations’ data after a ransomware attack
  • 32% of businesses paid the ransom after their data was encrypted
  • On average, ransom payments cost US$147,811
  • Most often, only 67% of data is recovered when businesses pay the ransom
  • The average bill to resolve a ransomware attack is US$1.97 million for retailers who must factor in lost opportunity, downtime, network cost, device cost, ransom paid, and people time
  • For retailers who went through encryption, 56% use backups to restore data
  • Compared to the global average, the retail industry isn’t as equipped with encryption prevention: 34% vs 39%
  • The global average for cyberattack preparation is 82%, while the retail industry is only 78% 
  • 50% of retail respondents who don’t believe they will be attacked are relying on strategies proven ineffective from ransomware
  • 13% of participants do not have any concerns about ransomware

Among the recommendations Sophos provides the retail industry, they suggest making backups. In the line of defense, backup is a crucial aspect. They point to the downfall of losing data, regardless of paying the ransom. As there is rarely a full data recovery from cyberattacks, having backups is reassuring. 

Firewalls may fail and cybercriminals are becoming far more advanced than existing infrastructure security. Even with layers of cybersecurity protection, once a hack occurs, backups can redeem stolen data. They may eliminate the need to pay the ransomware.

The report also referenced the “3-2-1” backup plan. Companies should have three separate copies, two types of backups, and one offline and offsite copy that cyberattackers can’t reach.

Security is central to software design at Macrium. Our applications give you complete control over where your data is stored and will operate fully offline for the most secure, air-tight networks.

Macrium Software is a backup and image recovery solution. Along with other malware plans and protection software, backups are valuable ways to keep data despite malicious cyber activity. Check out our website to learn about installing effective backups to prevent data loss at