Spotify on iPhone. — Photo: © Jonathan Nackstrand, AFP
Black Friday and Cyber Monday mark two of the most important events for retailers. These events began as U.S.-centric and they have evolved to become worldwide ‘celebrations’ of consumerism. In the U.S., November and December have historically accounted for nearly a third of the retail industry’s annual sales. However, with cybercrime, particularly ransomware, growing in 2021 by as much as 900 percent, IT professionals in the retail industry have no choice but to strengthen security practices.
Linking with the shopping events, the retail industry has been chief among those to feel the ransomware pain. According to Sophos’s State of Ransomware in Retail 2021 Report, approximately 44 percent of retail organizations were hit by a ransomware attack in 2020, and more than half of those affected (54 percent) said cyber criminals had succeeded in encrypting their data.
The research also indicated that 32 percent of retail organizations whose data was encrypted paid the ransom to get their data back. The average ransom payment was $147,811 (significant but albeit lower than the global average of $170,404).
According to Surya Varanasi, CTO of StorCentric, record sales are predicted online, improving on top of the 2020 baseline. Varanasi explains to Digital Journal that: “According to Salesforce, the 2020 holiday season broke records and online sales in 2021 are expected to continue to surge.”
Furthermore, the analyst finds: “Salesforce predicts ‘online sales will continue to grow, up to 10 percent in the U.S. and 7 percent around the globe. Put another way, between November and December, online shoppers will spend $259 billion in the U.S. and $1.2 trillion globally.”
This is partly a consequence of the digital transformation of retail, as Varanasi finds: Thanks to better omni-channel experiences, you can expect shoppers to keep clicking ‘add to cart’ even past the shipping cutoff.’ While there is always a chance that ransomware will hit a smaller retail organization, the greatest likelihood is that it will target large organizations with operations, revenue and personally identifiable information to protect, as well as the deepest pockets to pay.”
So, how can security be strengthened? Varanasi advises: “To put aside traditional strategies and instead take data protection and security to the next level — from basic to unbreakable.”
As to what this means: “An Unbreakable Backup solution overcomes today’s most common cybercriminal strategy, which is to attack the backup first, and then come after the production data and operations. In this way, the retail IT executive loses their backup plan — excuse the pun — and is at the mercy of the ransomware demands. Instead, Unbreakable Backup creates an immutable copy of the data which cannot be deleted, corrupted or changed in any way.”
There are further advantages too: “And it can do so for copies kept onsite, remotely and in the cloud. Then, it takes the admin keys and stores them in another location entirely — hidden from cybercriminals or even an insider threat.”
Varanasi concludes: “Once done, retail IT executives can rededicate their time to activities that ensure the optimum customer experience and premium sales, as well as safe, efficient and cost-effective back office operations.”