The coronavirus pandemic has caused huge challenges for most businesses, but the retail industry has been hit especially hard. After having to close their doors to comply with social distancing mandates, reopening has caused their businesses to again become a high priority cyber attack target.
The increased cyber activity on retail organizations can be partially attributed to the increase in online shopping caused by COVID-19 but also due to the cyclical nature of cybercrime itself. Perhaps one of the most notable cyberattacks ever was in 2013 when hackers stole personal information of 110 million Target customers. In the aftermath, retailers hurried to enhance protections. Now, we’re seeing apparent weaknesses again in the retail industry and it’s put a “target” right back on those enterprises.
Many businesses were forced to make a rapid shift to ecommerce in an effort to stay afloat while physical shops remained closed, but online stores are getting increasingly difficult to secure. Those who didn’t invest enough time and effort into creating a secure system run the risk of discounting any potential revenue gains by significantly increasing their attack surface. With ineffective security, adversaries have found many opportunities to exploit vulnerabilities and steal payment card information. Additionally, by integrating ecommerce platforms into back end systems such as inventory, payment, and data networks, retailers have created even more opportunities for a breach.
Unfortunately, the outlook isn’t much better now that some stores are opening their doors again. Brick and mortar stores and restaurants will experience lower than average revenues, which will put significant constraints on their spending and resources. Monitoring and managing networks and providing needed layers of security may take a back seat. Adversaries will take advantage of this vulnerability; in fact, analyst reports are already showing a big increase in both ransomware and payment card skimming attacks.
Physical stores present cybersecurity challenges of their own. Both telecom and endpoint security solutions have significant vulnerabilities. The recent popularity of SD-WAN has opened up known vulnerabilities to premise-based equipment, which allows attackers to virtually infiltrate stores and restaurants, and then scan for POS networks. If compromised, any enterprise endpoint, such as desktops and laptops, could also allow hackers to gain access to POS networks. Most zero day, unknown and fileless malware would be able to evade endpoint security to start the attacks.
It is imperative that retailers reassess and, where necessary, revamp their cybersecurity infrastructure to adequately protect against the growing number of diverse and destructive threats they’re facing. Blue Ridge Networks can help mitigate some of these cybersecurity risks by supporting locations with internet broadband and secure communications via a centralized SCDN Model.
A Secure Cloud Defined Network (“SCDN”) cybersecurity solution enables secure data transfer, supports trusted connections with remote users and offers unique protection against zero-day malware including memory scraping malware that exfiltrates customer data. The innovative, redundant cybersecurity architecture uses isolation and containment principles to establish trusted entry into the network and protect the entire IT stack. SCDN also includes a centralized managed router, which will provide secure access to the bank for transactions, and it can include multiple types of secure remote access to the POC and store LANs for authenticated personnel and trusted third-party vendors.
SCDN can compete against, or even replace popular SD-WAN solutions. In either case, SCDN provides a much needed cost savings, particularly for those who do not have the resources and capital for the multiple layers of managed security required to secure a location.
Replacing SD-WAN makes the solution 50% less expensive and removes the burden of addressing in-store vulnerabilities such as web filtering, email security, endpoint security and strong network monitoring. This can all be mitigated with SCDN, and the managed solution provides best in class data transfer with fault tolerant and failover capabilities in both the storefront and in the network and failsafe security for the POS with one low cost monthly price.
This model of security eliminates the vulnerability points that have led to breaches in many retail environments across the globe and perhaps most importantly, The Blue Ridge SCDN security model has been operating for over 20 years – with no reported breaches.