Most UK Retailers See Increase in Cyber-Attacks

Most UK Retailers See Increase in Cyber-Attacks

The majority of UK retailers are seeing an increase in cyber-attacks, prompting them to spend more on security, according to the latest survey from the British Retail Consortium (BRC).

The industry body’s 2019 Retail Crime Survey covers the period of April 2017 to March 2018 and includes the responses of retailers which generate a third of the market’s total revenue.

It found that almost 80% of respondents had seen an increase in cyber-attacks, with spending on cybersecurity rising by 17% since the previous annual report to reach around £162m for the industry last year.

Phishing was viewed as a high-risk cybercrime by the largest number of respondents (80%) followed by data theft (50%). Denial of service, whaling and web-based attacks also garnered between 40-50% of respondents.

Clare Gardiner, director of engagement at the National Cyber Security Centre, lauded the GCHQ body’s outreach efforts, which has resulted in a jointly produced BRC Cyber Security Toolkit.

“Cyber-attacks can have a huge impact, but to help potential victims pro-actively defend themselves we have published a range of easy-to-implement guidance on our website,” she added.

“Organizations can also share threat intelligence in a confidential way through the NCSC’s online Cyber Information Sharing Partnership (CiSP), which increases awareness to dangers and reduces the impact on UK businesses.”

Retailers are a major target for cyber-criminals as they often store large volumes of customer PII and financial data, and customers can also be a lucrative target for follow-on fraud.

Some 60% of European retailers claimed to have seen an increase in fraud from 2017 to 2018, according to a report from Adyen last November.

Most recently, retailers have been forced to combat another menace, digital skimming code on their payment pages designed to covertly lift card details as they’re entered in by customers.

Groups using this Magecart code have compromised hundreds of e-commerce sites, possibly more.

In the US, Point of Sale malware is still the biggest cyber-threat for retailers as EMV migration continues to lag, according to a Trustwave 2018 report.

Source: Information Security Magazine