Could a cyberattack shut down your grocery store? As cyberattacks rise, no industry is safe. Modern grocers need to be aware of the risks. Here are some cyber safety tips to help keep your business safe.
Extortion and Ransomware
Cybercriminals use ransomware to extort money from victims. These ransomware attacks can impact grocery stores and other retailers in unexpected ways, sometimes leading to significant business interruption.
Cash registers that rely on computer systems are one possible target. According to Reuters, REvil ransomware shut down 800 physical grocery store locations of Coop, a grocery retailer in Sweden. Because of the ransomware attack, the grocer’s cash registers wouldn’t work.
HR systems are another potential target. According to USA Today, a ransomware attack targeted Ultimate Kronos Group, an HR management company. As a result of the attack, the company’s clients have had trouble processing payroll and handling time sheets.
According to the European Union Agency for Cybersecurity, cybersecurity threats are increasing, and ransomware is a prime threat. A report that covered the period between April 2020 and July 2021 found that ransomware attacks increased 150%.
Log4j attacks are another urgent concern. The FTC says Log4j is a ubiquitous piece of software that is used in consumer-facing products to record activities, and attackers have been exploiting a vulnerability in the software. According to Wired, the first wave of hacks has mainly involved crypto miners, but the next wave will likely involve ransomware and espionage.
The FTC says that organizations need to update their Log4j software, and companies that fail to take remedial steps could be guilty of violating the FTC Act. The most current version can be found at the Apache Logging Services website. See the FTC announcement and CISA guidance for more information.
Social Engineering Business Email Compromise
Cyberattacks don’t have to rely on computer weakness. Social engineering schemes, including business email compromise (BEC) and phishing attacks, use manipulation to trick victims into revealing information or even making wire transfers.
The FBI’s Internet Crime Complaint Center received 19,369 BEC complaints in 2020, and losses totaled more than $1.8 billion. In these schemes, criminals target individuals with fraudulent but convincing messages. They often pose as legitimate contacts, such as vendors, and eventually attempt to trick the victim into making a wire transfer or completing some other action.
BEC attacks have often used email, but technology is creating new options for cybercriminals. Deepfake technology now lets people create fake but convincing video and audio, and criminals could use this technology to fool their victims. In March 2021, the FBI issued a warning about this risk.
Cyber Safety Best Practices
Cyberattacks can have disastrous effects. Grocers may lose income due to business interruption. They may incur fines due to noncompliance with security, privacy and data breach requirements. They may suffer reputational damage when customers learn that their data has been impacted. They may experience financial loss and data loss. The list goes on and on. Make sure you’re doing everything possible to protect your business.
Use multi-factor authentication (MFA). MFA can protect your systems and accounts against many common cyberattacks.
Install updates and patches. This includes Log4j updates, as well as updates for any other programs you use.
Train workers on cybersecurity. This includes choosing strong passwords, using multi-factor authentication, avoiding malicious links and spotting red flags that could indicate fraud. Provide regular reminders on key issues.
Question urgent requests for wire transfers or other unexpected changes to protocol. Verify that the request is legitimate before proceeding.
Have a cybersecurity expert review your systems for vulnerabilities.
Create a cyberattack response plan.
Purchase cyber liability insurance. Hackers are always finding new ways to attack. Insurance gives your business an added layer of protection.
|Joe Scarpello||Melissa Johnson|