Retailers and Ransomware: How to Secure Your Defenses This Holiday Season


According to the 2022 SonicWall Cyber Threat Mid-Year Report, ransomware targeting retail rose by 90 percent over the previous year. And Sophos State of Ransomware 2022 report says that 77 percent of retail organizations were hit by ransomware last year. The SonicWall report also notes that malicious intrusion attempts on retail increased an incredible 200 percent. All these sad statistics put retail second only to finance, which is the primary target for malicious actors.

One reason retailers are an attractive ransomware target is that their customer information—credit cards, birthdates, and so on—can open the door to a profitable crime spree. And if an attack is successful, the resulting costs of downtime can be devastating.

But the damage goes beyond downtime, with Arcserve’s research finding that 59 percent of consumers would likely avoid doing business with an organization that had experienced a cyberattack in the past year. That same research found that over one-third of respondents would switch to a competitor after just 24 hours if an organization can’t provide consumers with access to their information or the ability to make a transaction. That could spell a boatload of lost business.

So, what’s a retailer to do?

Create or Update Your Disaster Recovery Plan

The worst time to figure out how your business will recover from any ransomware attack, cyberattack, hardware failure, or natural disaster is when it is happening. That’s why you need a well-thought-out disaster recovery plan.

The IT disaster recovery planning checklist we’ve posted here is a good starting point. As part of your plan, you’ll need to establish your recovery time objective (RTO) and recovery point objective (RPO). These key metrics establish how much time your company can afford to be offline (RTO) and how much data your company can lose before the effects become too great (RPO).

Once you’ve created your plan, you’ll need to test it regularly to confirm that it performs as expected. Far too many companies skip this step, but it’s the only way to be fully confident in your ability to recover.

Teach Your Team About Cybersecurity

The Verizon 2022 Data Breach Investigations Report found that 82 percent of breaches involved the human element, including social attacks, errors, and misuse. Frequently, that means someone clicked on a malicious link, downloaded an infected attachment, or opened the door for cybercriminals through other means. Fight back by enlisting your team as your frontline defense against attacks. Getting there means teaching them how to spot threats and what to do if they encounter a suspicious email or other potential threat.

Keep your team up to date about the latest threats by sharing ongoing cybersecurity updates and tips. And test your team regularly using simulated social engineering schemes, emails, and other known attack vectors.

Keep Your Patching Program Current

Ivanti’s Ransomware Spotlight Year-End Report found that unpatched vulnerabilities are the most prominent attack vectors exploited by ransomware groups. Unfortunately, patching is often overlooked by overtaxed IT teams. But unpatched software is an open invitation to hackers—look no further than the recent Log4j fiasco that exposed many organizations to threats. So put a consistent patch management plan in place to close security gaps as quickly as possible.

Create Immutable Backups

Backups are another target for cybercriminals intent on preventing your retail company’s recovery. That’s where immutable backups make all the difference. They can’t be altered or deleted as they are saved as objects in a write-once-read-many-times format. That makes your backups impervious to ransomware attacks.

Deploy Multilayered Ransomware Protection

Protection starts with prevention. That’s why Arcserve UDP is secured by Sophos Intercept X Advanced cybersecurity, combining deep-learning server protection with immutable storage—including support for Amazon S3 Object Lock—and scalable onsite and offsite business continuity. That keeps downtime to a minimum during the season when each of your customer’s online minutes matters most.

Arcserve UDP protects against data loss and extended downtime across your cloud, local, virtual, hyperconverged, and SaaS-based workloads using a unified, central management interface. Once in place, it can reduce downtime from days to minutes while validating your RTOs, RPOs, and service-level agreements (SLAs) with automated testing and granular reporting. And Arcserve UDP can be deployed in minutes without the need for extensive training or expensive professional services.

Get Back in Business Faster

With Arcserve UDP, you can restore your data faster with instant virtual machine (VM) and bare metal recovery (BMR). The solution also features local and remote virtual standby, application-consistent backup and granular restore, hardware snapshot support, and extensions that efficiently deliver high availability and further speed recovery.

Arcserve UDP protects Microsoft 365 workloads (Exchange Online, Teams, SharePoint Online, and OneDrive for Business) on-premises, with deep data reduction, granular recovery, offsite replication, and more.

Rally Your Holiday Defenses

Find out how Arcserve solutions can help protect your precious data this holiday season by talking to an expert Arcserve technology partner. And be sure to check out our 30-day Arcserve UDP free trial.

You May Also Like