Retail and hospitality threat trend report
July 3, 2019
RESEARCH REPORT
In brief
In brief
- While technology enables retail and hospitality sectors to better use data to achieve customer service and personalization, they also create risk.
- Accenture Security iDefense has partnered with the Retail & Hospitality-ISAC to overview the threats and examine threat activity during 2018.
- We identify four key topics affecting the threat landscape and make suggestions around how to tackle them.
- Information from this report can be used to grow trust-based relationships, strategic knowledge and tactical capabilities.
The story so far
Retail and hospitality industries are in the midst of a technology adoption boom. Digital channels are being expanded as consumers go online at all stages of the purchase process—from information gathering, to pre-purchase, to post-purchase service.
iDefense and RH-ISAC analysis saw cybercriminals and cyber-espionage groups remain active throughout 2018. The retail and hospitality sectors are diverse, and threats were distributed to impact much of the sector. When compared with other malicious indicators, malspam (cybercriminal malicious e-mail campaigns) accounted for the highest volume of RH-ISAC member reporting during 2018. This activity is a global problem, with campaigns observed daily, and is likely to continue.
Accenture and RH-ISAC are teaming to help retailers and hospitality companies to advance security capabilities, be better informed, and stay one step ahead of sophisticated cybercriminals.
Key threats
The iDefense and RH-ISAC teams have highlighted the following four key topics as important threat considerations for organizations within the retail sector:
- Strategic threat landscape and horizon scan: Technology innovation in the sector could draw significant investment and lead adversaries to evaluate opportunities as a result of that spend.
- Cyber espionage impacting hospitality: Personally identifiable information stolen from hospitality organizations, or their clientele, can be used for purposes beyond financial gain, such as to track travel patterns of high-value targets.
- Analysis and comparison of point-of-sale malware families: Despite the widespread adoption of chip cards in the United States, attackers continue to find ways to steal credit card information, often offering it for sale to criminals or exploiting the data themselves.
- Virtual skimming threat activity poses risk to payment card data: The demand for new skimmer development and deployment could grow as more and more global consumers use mobile applications for purchasing.
Technology is enabling retailers and hospitality companies to meet rising consumer expectations, but has also exposed new security vulnerabilities.
Future outlook
Looking forward into 2019 and beyond, organizations can anticipate continued targeting, both strategic and opportunistic, by cybercriminals as well as nation states. Chatbots, eCommerce frameworks and digital assistants may continue to be at the center of incidents leading to theft of payment card data. Nation state interest in retail, hospitality, food and beverage is likely to continue in the coming years. Industry-agnostic threats, such as ransomware and destructive malware, are likely to be used in campaigns in the future.
Three actions can be taken to drive proactive defense:
- Adopt a continuous response model—always assume you have been breached—and use your incident response and threat hunting teams to look for the next breach.
- Strive to distinguish cybercrime from espionage or commodity from targeted activity.
- Share intelligence about threats to aid the sectors in starting conversations around mitigating the risks in a more disruptive but coordinated fashion.
Subscription Center
Stay in the Know with Our Newsletter
Stay in the Know with Our Newsletter
Follow us: Follow us:
