Retail Resilience: Barclays Retail Economics Report

Cyber and data threats are viewed as the biggest risks by over a third (34%) of UK retailers surveyed, with 70% saying they form part of their top three risks over the next 12 months.

Technology (seamless customer access to products and services), International Trade (environmental policy changes), and Finances (impact to supply chains) are the top three concerns facing UK retailers.

Risks to general retail: cyber/data – regulatory – financial – operational – strategic – environment and social.

Resilience identified through strong leadership, security and operations.

Retailers are already investing in technology, enhancing employee training and development (campaigns and workshops), strengthening supply chains, diversifying product offerings, and improving crisis management processes.

Audience - focus on retail, government, parents, younger generations, influencers and more.

July 22, 2024: Europol Internet Organised Crime Threat Assessment (IOCTA)

AI - The crime-as-a-service market includes the sale of tools, including malicious large language models (LLMs), on underground forums hosted on the dark web; these can help online fraudsters develop scripts and create phishing emails. A dark web service called ‘Only Fake’ has been reported, selling services including AI-generated fake IDs that can be used to open online accounts with financial services, bypassing ‘Know Your Customer’ checks.

Deepfakes - Enhanced by AI, these can provide additional capabilities to threat actors, such as mimicking the victim's voice, leveraging social engineering to get a person or target organisation to reveal sensitive information or transfer funds.

Ransomware groups - Continuing to exploit targets across the EU, including small and medium-sized businesses, because they have limited resources and lack cyber security defences. Retail and ecommerce are impacted through digital skimming cyber attacks against online checkout pages, phishing, and business email compromise. Another trend among ransomware groups involves capitalising on the downfall of their competitors to lure capable affiliates to their services. LockBit continued to be among the most prolific Ransomware-as-a-Service (RaaS) operations before its infrastructure was seized in February 2024, which damaged its capability and credibility. A non-RaaS group called ‘Cl0P’ made waves in 2023, particularly by carrying out a zero-day campaign against the MOVEit file transfer software in May 2023, and previously against GoAnywhere MFT.

Dark Web - Forums and marketplaces are still the main common ground on which threat actors thrive within the cyber crime ecosystem. Unregulated by law enforcement, threat actors can sell and advertise toolkits, credit card data, PII (personally identifiable information), malware, exploits and more to build relationships in their community and gain a network of like-minded groups. RAMP, Russian market, WWH-CLUB and Genesis have remained popular between 2023 and 2024 (the Genesis marketplace, used to sell credentials and bots, was taken down successfully in 2023).

Phishing - Remains the most used attack vector among fraud schemes between 2023 and 2024. SMS-based phishing and QR code scams have also emerged as frequently used attack vectors. Online fraud schemes are enhanced through phishing-as-a-service products and services and the ability to steal victims’ data, with cryptocurrency as the payment method of choice for subscriptions, keeping the criminal network alive and thriving.

Digital Skimming - Web skimmers are injected into the target website’s server, introduced by exploiting a vulnerability in an ecommerce platform, or placed into a site by exploiting a third-party resource, resulting in a supply chain attack.

Web3 - Principles adopted in the future could mean a more decentralised Internet, whereby communications are neither controlled nor regulated by governments or private companies, underpinned by blockchain technology and P2P networks consisting of privately owned platforms controlled by users.


