Retail and hospitality industries are in the midst of a technology adoption boom. Digital channels are being expanded as consumers go online at all stages of the purchase process—from information gathering, to pre-purchase, to post-purchase service.
RH-ISAC and Accenture Security’s iDefense have teamed up to provide a first of its kind threat intelligence report for retail and hospitality available online as TLP: White.
iDefense and RH-ISAC analysis saw cybercriminals and cyber-espionage groups remain active throughout 2018. The retail and hospitality sectors are diverse, and threats were distributed to impact much of the sector. When compared with other malicious indicators, malspam (cybercriminal malicious e-mail campaigns) accounted for the highest volume of RH-ISAC member reporting during 2018. This activity is a global problem, with campaigns observed daily, and is likely to continue.
The iDefense and RH-ISAC teams have highlighted the following four key topics as important threat considerations for organizations within the retail sector:
Looking forward into 2019 and beyond, organizations can anticipate continued targeting, both strategic and opportunistic, by cybercriminals as well as nation states. Chatbots, eCommerce frameworks and digital assistants may continue to be at the center of incidents leading to theft of payment card data. Nation state interest in retail, hospitality, food and beverage is likely to continue in the coming years. Industry-agnostic threats, such as ransomware and destructive malware, are likely to be used in campaigns in the future.
Three actions can be taken to drive proactive defense:
For the full TLP: White report, visit: https://www.accenture.com/us-en/insights/consulting/retail-hospitality-threat-trend-report. If you are an RH-ISAC member, contact email@example.com for the TLP: Amber version.