Financial Data
Updated 06 Dec 2020

Why retailers are an attractive target for hackers

Retailers have become prime targets for cyber-criminal syndicates. Insurance can help mitigate the risk of a breach.

Simon Campbell-Young, 03 June 2018  Share  0 comments  Print

All the answers to your unique business lifestage questions

International news of cyber-attacks on several retailers, including Target, Home Depot and British Airways, have clearly shown that attacks on sector powerhouses are on the rise. It seems too that no business is too large for cyber crooks.

How the attackers cause disruption


There are several main types of attacks threatening retailers. Firstly, denial of service, or DDoS attacks. In these attacks, threat actors use a network of ‘zombie’ computers or botnets to compromise the availability of networks and systems. This type of attack might be carried out by ‘hacktivists’ who have an ideological motivation, or by cyber criminals who want to hold the retailer to ransom, or to hide their true intentions.

Related: How to make technology in retail work to your advantage

Payment attacks

Then we see attacks on the systems that handle payment card data. This type of data is like gold to cyber criminals. Gaining access to your customers’ payment card data or customer information is the primary motivation. This data is used on forged cards or for fraudulent transactions, and customers’ personal details are used primarily for identity theft.

Web app attacks

Next, we see many Web application attacks, in which hackers exploit vulnerabilities in online retail sites to get a foothold. They do this by phishing, spear phishing, SQL injection attacks, as well as brute force hacking. These attackers are also after financial card information. 

Reducing risk of being hacked 

Cyber -security

Craft a response strategy

Retailers can reduce the cost of a potential cyber security incident by following good security practices, such as having a business continuity plan, and an incident response in place, and investing in good security solutions. However, no security tool is a silver bullet. The chances are that retailers will all be breached at some time or another, and this is where cyber insurance comes in.

Related: Is the smartphone making it more challenging to be a retailer?

Make data-care a priority

Addressing the issue of cyber risk is core to the business model of any retailer moving forward. In fact, showing extreme care with, and control of, customer data has become a competitive differentiator. Retailers who protect their customers’ personal data are trusted.

Investigate cyber risk cover

Data breaches can affect thousands, or even millions, of individuals, including customers and third-party partners, and can take several months to detect and mitigate. This is why it is surprising that traditional insurance policies don’t cover cyber risks at all. Retailers should consider having cyber insurance in place to protect them from the soaring costs associated with data breaches.

Covering the costs of cyber invasions

Insurance is available

Cyber insurance helps cover the major costs of a data breach. These include any legal costs related to the incident, compliance issues such as notifying any affected parties, credit monitoring services, damage control and the services of experts to help rebuild reputation, as well as data recovery costs, and damage to systems.

Related: The real cost of shoplifting on your retail store (and how to curb it)

All retailers need cover

Every online and physical retailer, from multi-national behemoths to the smallest of independent shops, relies totally on their computer systems for survival. Even a tiny security incident could cost them dearly, from tens of thousands to millions.

Invaluable in the event of a hack

Cyber insurance not only provides a financial pay out in the event of a breach, it provides invaluable expertise and technical resources to help mitigate the damage in the event of a breach, and protect systems going forward.

Rate It12345rating

About the author

Simon Campbell-Young

Having started his career as a startup partner for FSA Distribution in 1990, Simon Campbell-Young went on to start his own company called Memtek Distribution in 1995. This was sold to a public company called Siltek Holdings between 1998 to 2000. Shortly thereafter, he took his experience in the technology sector, garnered over more than 23 years, to form specialist distribution company Phoenix Distribution in 2000. Phoenix Distribution was then acquired by First Technology Holdings in 2008.

Introducing the bank’s advice for new entrants to farming

Considering going into farming? Head of Agribusiness, Nico Groenewald gives top advice on common mistakes to avoid and how to overcome the barriers to entry in agribusiness.

Login to comment