1

5Cybersecurity Threats in

Retail Industry

Introduction

2

Retail industry is growing at a very fast pace, especially online market. Online retail business is the next generation format which has a high potential for growth in the near future.

On one hand, technology is providing a lot of new and exciting opportunities for shoppers across the world, and on the other, it also increases the risk of cyber attacks.

Facts & Figures

3

• Retail industry suffered 215 data breaches in 2016.

• The average cost of a data breach per compromised record is $172for the retail industry in the year 2016.

• 81% of retail and consumer companies in North America detected at least one security incident.

• A whooping number of 32,551,173 records were stolen in the year 2016.

• The financial losses of these cyber attacks, with the majority of the

North American retailers, i.e. 53%, lost up to $100,000.

• The average number of breached records in India in the year 2016 is

31,225, placing the country at the top of the list of data breaches in the world.

Source: Breach Level Index (BLI), PWC, Ponemon Intstitute (DBS), CIO

41%

35%

24%

Malicious or criminal attack

System Glitch

Human Error

Root cause of data breachin India

Types of cyber attacks affecting retail industry

4

Hacking Phishing Social Engineering

Malware Ransomware

Data Theft PharmingWebsite Spoofing

Distributed Denial of Service (DDoS)

5

After affects of data breach on retail industry

OperationsBrand Reputation

Finances

Partner Relationship

Supplier Relationship

Customer Retention

5 CYBERSECURITY THREATS IN RETAIL INDUSTRY

6

MALWARE

7

Malware or malicious software is the most common threat to the retail industry. It is designed to take over, damage or exfiltrate data from a system, as well as attack other systems or gain additional insights into a system or network.

Malware includes viruses, Trojans, spyware, keyloggers, password dumpers, worms, scrapers, rootkits, adware, data exporters, etc.

5925 E-commerce websites were infected with malware in the year 2016.

51%of overall breaches include malware attacks.

66%of total malware attacks occur via malicious email attachments.

Source: BLI, Verizon DBIR 2017

DATA THEFT

8

Data theft is stealing personal information or important data by infecting the system or network using viruses or malware. It could result in a data breach that includes loss of financial information, technical documentation and personal data.

43%of holiday retailers were infected with malware between April to June 2016.

In November 2016, an Indian man living in Tokyo hacked the Kerala government's civil supplies department website and uploaded the sensitive information of all of Kerala's 8,022,360 Public Distribution System (PDS) beneficiaries and their family members on Facebook.

Confidential personal data of over 34 million residents were compromised. The data included name, addresses, monthly incomes, consumer numbers of power, electoral card details and cooking gas connections.

“

Source: Gulf news, BLI, Verizon

36.6million recordswere compromised in India in the year 2016.

81% of data breaches in

the retail market fall into these

three categories:

Denial of Service

Web Application Attacks

Payment Card Skimmers

DISTRIBUTED DENIALOF SERVICE (DDoS)

9

DDoS attack utilizes a variety of techniques to send countless junk requests to the targeted website. It makes the online service unavailable by overwhelming it with traffic from multiple sources.

Source: Verisign DDoS Report 2016

More than 50%customers who experienced DDoS attacks in Q4 2016 were targeted multiple times. 11.2 GBPS is the

average peak attack size in Q4 2016; with 22% attacks over 10 GBPS and 52% over 5 GBPS.

86% of attacks

employed multiple attack types.

““

Internet of Things (IoT) is an ecosystem of connected physical devices that are accessible through Internet.

IoT devices are constantly connected to the Internet and may not be looked at from a security perspective, thus leaving them vulnerable to a variety of cyber attacks.

INTERNET OF THINGS (IoT) INTEGRATION

10

In September 2016, Miraibotnet spread its threat among IoT device users. It automatically found IoTdevices to infect and conscript them into a botnet. These IoT devices were further used to mount DDoS attacks.

Mirai disrupted the Internet service for more than 900,000 Deutsche Telekom customers in Germany, and infected almost 2400 TalkTalk routers in the UK.

““

65% of shoppers are concerned of having their personal information hacked using their smartphone/IoT devices.

Source: Wired, Gartner, EY, PWC

70% of most commonly used IoT devices contain vulnerabilities.

PHISHING

11

91% of cyber attacks start with a phishing email.

Nearly 30% open phishing emails and 12% do click the link or open attached files.

Phishing is a process of contacting a person through email, message or call where the receiver is tricked to leak sensitive data such as personally identifiable information.

Source: PhishMe, Verizon DBIR 2017

Top reasons how people are duped using these phishing emails are:

“ “13.7%Curiosity

13.4%Fear

13.2%Urgency

17%OrderConfirmation

15.5%Job ApplicationReceived

11.9%Blank Email

Helps mitigate all such security threats in the retail sector with its range of

Dynamic, Scalable, and Future Ready solutions:

SEQRITE Endpoint Security

SEQRITE Unified Threat Management Solution (TERMINATOR)

SEQRITE Mobile Device Management

SEQRITE Data Loss Prevention

12

Endpoint Security FEATURES

PATCH MANAGEMENT

Enables IT administrators to check and

install missing security patches for all

applications installed on enterprise endpoints

from a centrally managed console.

WEB SECURITY

Automatically blocks websites infected with

malware or designed for phishing attacks.

APPLICATION CONTROL

Categories of applications can be authorized or

unauthorized from being executed within the

network.

DATA BACKUP AND RESTORE TOOL

Automatically and periodically (multiple times

a day), takes a backup of all important and

well-known file formats like PDF and Microsoft

Office files that are present on a computer.

RISKS MITIGATED

RANSOMWARE ATTACKS

INSIDER THREATS

CORE PROTECTION (IDS/IPS & FIREWALL)

IDS/IPS blocks threats that exploit software

vulnerabilities and Firewall thwarts malicious

attempts to access the corporate network.

BEHAVIOR DETECTION

Detects and blocks unknown viruses and

malware in real-time.

INFECTED WEBSITES

PHISHING ATTACKSINFECTED EXTERNAL DEVICES

SECURITY VULNERABILITIES

13

Data Loss Prevention

ADVANCED DEVICE CONTROL

- Configure access policies for more than 25 device

types.

- Blocks unverified devices.

- Prevents autorun infections.

ENHANCED PRIVACY PROTECTION & COMPLIANCE

- Identifies Office documents based on their origin.

- Prevents data leakage propagated by worms, Trojans,

and other malware threats.

- Issues regular notifications to reinforce user behavior

on data security.

LOWER COMPLEXITY & COST OF DEPLOYMENT

- Easy integration with existing Seqrite EPS.

- Defines DLP security polices and reports across multiple

endpoints in scattered locations.

- Centralized management and monitoring of crucial business

data.

CONTENT AWARE PROTECTION

- Monitors all actions on confidential files.

- Instantly notifies admins about unauthorized data leakage.

- Ensures that no confidential data leaves the organization.

- TARGETED ATTACKS

- HUMAN ERROR

- USB DRIVES

- WEB EMAIL

DATA LEAKAGE caused by:

RISKS MITIGATED

FEATURES

14

- BLUETOOTH

- CLOUD STORAGE

TERMINATOR

GATEWAY ANTIVIRUS

Scans all incoming and outgoing network traffic

at the gateway level. Augments existing virus

solutions by reducing the window of

vulnerability (WoV).

FIREWALL

Admins can permit or block access for traffic

between internal and external networks

based on enterprise compliance policies.

VIRTUAL PRIVATE NETWORK

Provides IT administrators with a means for

secure communications between the

company's remote users and for building site-to-

site connections.

IDS / IPS

Scrutinizes network traffic in real-time and

prevents a broad range of DoS and DDoS

attacks before they penetrate the network.

DoS & DDoS ATTACKS

INTERNET DOWNTIME

GATEWAY MAIL PROTECTION

Scans incoming/outgoing emails or attachments

at the gateway level to block spam and phishing

emails before they enter the network.

CONTENT FILTERING

Allows blocking of non-business related websites

including streaming media sites, downloads,

instant messaging, etc., in order to reduce

unnecessary load on enterprise bandwidth.

MALICIOUS INTERNET TRAFFIC

MALICIOUS EMAILSMAN-in-the-MIDDLE ATTACKS

ADVANCED PERSISTENT THREATS

FEATURES

RISKS MITIGATED

15

MDM

APPLICATION CONTROL

Apps can be remotely managed/ installed/

blocked in order to maintain policy compliance

and productivity within the network.

VIRTUAL FENCING

Preset virtual boundaries that restrict device

usage and functionality. These boundaries can

be triggered by geolocation-based, time-based

or Wi-Fi network-based data.

UNIFIED MANAGEMENT CONSOLE

Manage and synchronize all connected devices

through a centralized graphical interface.

NETWORK DATA MONITORING

Admins can view details of Internet data used

over mobile networks or Wi-Fi. They can also

monitor all incoming and outgoing calls and

SMSs on enterprise mobile devices.

DATA THEFT FROM LOST/

STOLEN MOBILE PHONES

ANTI-THEFT

Prevents misuse of lost/stolen mobile phones by

remotely tracking and locking them. Also prevents

data breach by remotely erasing the phone’s data.

INTERNET THREATS

JAILBREAKING/ ROOTING

OF MOBILE DEVICES

MALICIOUS MOBILE APPS

SECURITY MANAGEMENT

Features such as browsing protection, web

filtering, anti-theft, and geolocation tracking

ensure the safety of enterprise devices.

MOBILE MALWARE

BAD SECURITY HYGIENE

FEATURES

RISKS MITIGATED

16

17

THANK YOU