According to IBM X-Force Incident Response and Intelligence Services (IRIS) data, the retail service industry is the fourth most attacked industry sector, having made up 11 percent of the total attacks and incidents for the top 10 industries in 2018.
Attackers who target the retail shops we all love to frequent year-round do not exclusively reserve their efforts for the holiday season. In fact, IBM X-Force data shows that the biggest spam spikes take place in August, followed by large bouts in September and October as cybercriminals lay the grounds for their actual attacks.
For consumers, while shopping does spike considerably right after Thanksgiving and into the holiday season, shoppers continue to hunt for deals even after the beginning of the new year, counting on end-of-season sales, thereby keeping transactional volume relatively high, which provides a larger window of opportunity for criminals than just those special days.
As one of the most targeted industries, retailers should be taking measures to build a secure underlying infrastructure well ahead of the holidays and keep it evolving and maturing all year long.
Retail Backbones in the Crosshairs
When it comes to attacks on retailers, cybercriminals, especially organized crime groups, are out to find the vulnerabilities that would compromise more than one retailer at a time. They do this to maximize the return on their investment of time and money. To achieve that goal, they are attacking underlying web platforms and servers.
One example of a conglomerate of cybercrime factions operating in this way is staying vigilant about retail security black friday
