FEATURES SPONSORED BY rAge EXPO:

By Anna Collard, SVP Content Strategy & Evangelist at KnowBe4 Africa

Ransomware has been in the headlines in the past few years, and with good reason. These malicious software programs have wreaked havoc on businesses of all sizes, holding important data hostage until a ransom is paid. While many people think that ransomware attacks are reserved for big businesses, the truth is that small and medium-sized retailers are just as much at risk. 

In fact, according to a recent Sophos survey report, 77% of retail organisations have been hit by ransomware. 

Retail organisations hit by ransomware

This is a significant increase from the previous year and is nearly 17% higher than the average across all industries, demonstrating a particular focus being placed on Retail by cybercriminals.

Ransomware attacks can be devastating for retail organisations. They can lead to significant financial losses, as well as damage to reputation and customer trust. In some cases, ransomware attacks have forced retailers to close their doors permanently.

Organised cybercrime gangs, such as RansomHouse, recently launched a cyberattack on Shoprite, Africa’s largest retailer, compromising personal  data such as names and identity numbers of some of  their Namibian and Zambian customers.

The retail sector is unprepared for ransomware attacks

The dramatic increase in the number of ransomware attacks on retail organisations over the last year shows just how unprepared the retail sector is to deal with cyber attacks. 

With the accelerated move to online channels during COVID-19, many retailers have failed to meet the changing cybersecurity demands. 

Over and above the sheer number of attacks, the average ransom demanded by attackers has quadrupled in the last year. This means that not only are more retailers being targeted, but those who do fall victim to an attack are facing much higher costs – creating a real threat to these businesses. 

How can retail organisations avoid ransomware attacks?

There isn’t one silver bullet that will magically protect us against cyber criminals. 

Preventing extortion attacks requires a layered security model, also called ‘security in depth’ made up of technology, process and people. Humans are still susceptible to falling for targeted cyber attacks, and one course of action for retailers is to work on improving their cyber security culture, starting from the top,  across all departments as well as suppliers and educating their employees about their role in circumventing cyber  attacks.

There are also various ways to check the effectiveness of your existing network protection – such as KnowBe4’s "RanSim". RanSim will simulate 22 ransomware infection scenarios and one cryptomining infection scenario and show you if a workstation is vulnerable.