Protect Your Back-to-School Sales From POS Ransomware

    August 08, 2017

    Convenient, customer-facing, and credit-card-enabled POS terminals enable busy shoppers to just swipe-and-go to pay for goods. They also help retailers maximize their business, capturing sales during busy sales cycles, like back-to-school season. According to Deloitte, this year, U.S. households will spend $27 billion to get children ready for school, with the bulk of spending occurring in late July and early August. More than $1 for every $2 will be spent in stores, which is good news for retailers that want to maximize the value of their physical footprint.

    As a retailer, you’re probably doubling down on POS security this back-to-school season to avoid malware, which could infect your networks. However, are you ready for ransomware, which could bring your business to its knees? Our security experts believe that cybercriminals will be shifting tactics this year due to declining revenues from stolen credit card sales. This blog walks you through our rationale for the rise of ransomware – and tells you what you need to do to get ready for a potential and ongoing surge of attacks. We believe there’s not a minute to lose with back-to-school season underway, so let’s get started.

    Retail attacks have been big business for cybercriminals and have cost the industry millions.

    With its endless POS endpoints, the retail industry has always been a desirable target for cybercriminals. They know that if they can introduce malware into POS networks, they can make a decent amount of cash by selling credit card numbers on the “dark web.”

    With their millions of customers, large retailers have typically been the hardest hit. Companies must pay up to $172 per stolen record in clean-up costs. A major retailer just paid $18.5 million to address the impact of its 2013 hack, which resulted in 41 million stolen credit cards.

    Declining retail cyberhacking revenues are causing enterprising criminals to consider new threat patterns like ransomware.

    The number of retail data breaches is dropping as large retailers install chip readers and credit card company risk engines get better. Plus, an overabundance of stolen cards floods the market. However, a bigger threat looms: POS ransomware. In the whitepaper, Imagine the Impact: POS Ransomware – Devastating Business Loss, we look at the changing economics of retail cybercrime and share how you can protect your business from a ransomware attack.

    Ransomware will be far more profitable in the future than POS hacks to obtain credit card numbers. We believe that enterprising cybercriminals will target both large and small retailers with ransomware attacks to force large, immediate payments to restore operations.

    Companies that are hit by ransomware attacks are in a do-or-die position, because the attack will be so public and disabling. They will suffer:
    • Disabled store operations and sales for the period of the attack
    • An inability to access much or all of critical business systems
    • Loss of consumer trust and revenues, as shoppers take their business elsewhere
    • The potential that customers will never return due to fears of having their financial data compromised
    • Potential total loss of customer and business data if systems are not fully restored
    A major ransomware attack could forever harm the competitiveness of a large retailer. It could put a small- to medium-size retailer out of business after just one breach.

    If you haven’t hardened IT and POS security, you should start now to protect your retail business from ransomware and other threats.

    You may be running anti-virus software and managed firewalls, but you may or may not be running a strong offense with active monitoring and threat detection. For the purpose of this blog, we’ll assume you’ve got the security basics covered and may need some help.

    Here are our best tips for hardening your security stance and protecting your infrastructure from ransomware:

    • Run a vulnerability scan, and apply all operating system and software upgrades and patches immediately.

      Some 98% of WannaCry victims were running Windows 7, not Windows XP. Many had likely failed to install an earlier software patch that would have protected their business. It’s hard to take operating systems down for updates during your busy season. However, it makes dollars and sense to protect your systems and revenues with the latest, greatest software updates from your vendors.
    • Set up a next-generation security system.

      Buy, build, or borrow the resources to stay ahead of threats and stop ransomware in its tracks:
      • Deploy a next-generation firewall that includes rules you configure to control incoming and outgoing traffic. Manage it 24/7 to make it effective.
      • Use a Security Information and Event Management (SIEM) application to analyze all of your data, filtering out the “noise” or false positives that can make it difficult to detect threat patterns and anomalies that indicate early-stage attacks. The SIEM will issue alerts, so that you can take immediate action when warranted.
      • Implement a Managed Detection and Response (MDR) system that will detect incoming and existing malware, whether it is located on a POS system, workstation, or network. Set it to automate immediate, direct remediation, which will help with some threats.
      • Consider setting up or hiring a Managed Security Service Provider (MSSP) that offers a Security Operations Center (SOC) to do around-the-clock monitoring and evaluation of, and response to, all security alerts. This team can evaluate the universe of threats you face, triage, and escalate resources to deal with critical threats on an ongoing basis.
      • Leverage the power of machine-learning with User Entity Behavior Analysis (UEBA). This model will do a deep dive on your logs and reports to get better and better at threat detection over time.

    Ransomware can hit anyone. Take steps now to protect your business, your customers, and your future. Want to learn more? We have some relevant resources you might like:
