Dive Brief:

• Ahead of the Thanksgiving holiday and Black Friday weekend, retailers are bracing for a surge in cyber activity as threat groups look to disrupt critical supply chains and lure customers in search of deep discounts. 
• Retailers are facing an increased threat from phishing as an initial intrusion vector; threat groups are using social engineering to bypass multifactor authentication and harvest credentials, according to the Retail and Hospitality ISAC. 
• Generative AI has increased the speed and sophistication of threat groups, too. Researchers from Trustwave SpiderLabs warned that LLMs like WormGPT and FraudGPT are capable of composing malicious emails that are harder to detect.

Dive Insight: 

Threat groups are finding sophisticated new technologies to target retailers and their customers, as consumers turn to e-commerce channels to find the best discounts. 

As e-commerce traffic increases, retailers are more dependent on functioning technology systems to handle order processing, inventory management and other functions.

“Attacks targeting these systems can lead to operational disruptions, delays and financial losses,” said Lee Clark, cyber threat intelligence analyst at RH-ISAC. “Retailers are concerned about the potential compromise of OT systems that could affect their ability to meet customer demand during the crucial holiday season.” 

About 19% of retailers have already been the victim of a cyberattack, according to the 2023 Travelers Risk Index. Meanwhile 58% of retailers had concerns about an attack, making it the third-highest business concern behind supply chain risk and economic uncertainty. 

LockBit accounted for one-third of the ransomware attacks targeting the retail sector, according to Trustwave. Other top threat groups targeting retail include BlackCat/AlphV, BlackBasta, Play and Clop.