Major Cyber Threats Facing Retail Due to Supply Chain Disruption

5 minute read

The retail industry is facing mounting challenges. With U.S. inflation rising above 6% and shortages on everything from baby formula to feminine hygiene products to lumber to computer chips (to name a few), retailers and consumers are feeling the squeeze and cybercriminals are seeing new opportunities. 

In Q1 2022, supply chain disruptions created myriad opportunities for threat actors to take advantage of stressed businesses and consumers. Understanding the relationship between these supply chain disruptions, inflation, and the ways criminals use these to cause harm is critical in creating a strategy to fight them. 

Download your copy of the Retail Quarterly Threat Landscape Report

Prevalent Cyber Threats Caused by Supply Chain Disruptions 

If you’ve been to the grocery store at any point in the last year, there’s a solid chance you’ve experienced the impact of supply chain disruptions firsthand. If you work in the retail sector, you’ve likely experienced the consequences of these disruptions even more in-depth. 

The following challenges are part of a greater cycle that works together, enabling threat actors to facilitate the further breakdown of previously established channels and relationships and wreak havoc on the retail industry.

Pandemic Shortages Spawn New Social Engineering Campaigns

Worldwide, 12% of retailers reported heavy supply chain disruptions due to Covid-19, according to a recent survey. However, this number may be low, as only 32% of global retailers reported that they experienced little disruption. 

These supply chain disruptions were caused by various factors, including quarantine and lockdown of towns and cities where supplies are produced or manufactured; quarantine of infected employees; and the exodus of women from the workforce due to childcare challenges. All of this culminated in higher prices for goods and services as well as job freezes or layoffs. These conditions all created a perfect storm, so to speak, for threat actors to target new victims of social engineering campaigns.

In a recent blog post, we discussed the rise of fraud during Covid-19. But, it’s essential to put into context and perspective a few of the scams that came about due to the pandemic’s supply chain disruptions, many of which were social engineering campaigns. 

Social engineering was one of the most frequently reported intrusion tactics leveraged against the retail sector in Q1 2022. ZeroFox Intelligence observed an increase specifically in conversation hijacking, which is a tactic used to make it more difficult for victims to identify nefarious activity. Threat actor tactics remained evolutionary rather than revolutionary, typically targeting customers or employees with rudimentary phishing emails, text messages, and voice calls. Social engineering will almost certainly remain a threat to the retail sector; campaigns are demonstrably effective, offer a high return on investment, and can cause significant damage to victims’ brands. 

Think of a retail store that supplies a specific type of fabric. When the factory that makes the fabric had a Covid outbreak and had to close for two weeks, demand exceeded supply, and costs went up. As a result, the retail shop either had to lower inventory levels or raise prices to match the inflated costs. This is a stressful enough situation for a retailer, raising customer and employee tensions, but then the adversary enters the equation. Fraudsters see this strain and might then create spoofed accounts offering fake discounts and coupons to customers, which the business does not honor (eroding customer trust and loyalty). Taking it one step further, a fraudster may also create fake supply channels promising a lower cost to the retailer, effectively launching a phishing attack in doing so. 

TL;DR: Pandemic-related scarcity leads to higher instances of human error, which the bad guys are counting on. 

Commodity Supercycle Due to Geopolitical Conflicts 

According to the ZeroFox Threat Intelligence Retail Quarterly Threat Landscape Report, “A commodities super cycle underway since pandemic reopening dramatically worsened for the retail sector in Q1 2022. Oil and gas used to power the sector became unaffordable for many operators. For food retailers, commodities like corn, soy, and wheat reached record highs on the back of Russia’s invasion of Ukraine. Continued international isolation for super-producer Russia, means commodities will remain high in the coming years.” 

What does that mean for you as a retailer? It means that if you’re vulnerable to commodity prices, you could be targeted by threat actors seeking to worsen the price issue. 

In fact, the FBI warned that Russian threat actors are seeking to target food producers at the height of their harvest with ransomware, believing food price inflation and shortages would necessitate a quick ransom payment. This could extend to Russian threat actors targeting Western retailers in response to sanctions imposed over the war in Ukraine, those in emerging markets, or those with dependencies on volatile commodities. Additionally, 100 Retail assets pulled out of China were likely reinvested in politically safer emerging markets like Brazil, Mexico, and India. This creation of alternative or shorter supply chains will impact the retail sector going forward.

TL;DR: Threat actors could target retail to worsen the supply chains and inflation crisis in the sector as part of ongoing geopolitical conflicts.

Disrupt the Cycle of Threats

It may take a long time before the supply chain is fully repaired for retail businesses worldwide. As the global economy enters the recovery phase, threat actors may continue to target retailers who are already vulnerable and struggling. 

One of the most important things you can do is disrupt the cycle of threats on an individual business level. However, that’s sometimes easier said than done. You can start by: 

Download our Retail Quarterly Threat Landscape report to learn more about the types of threats to watch for this quarter and into the second half of the year, as well as in-depth analysis and recommendations from the ZeroFox Threat Intelligence team. Get your copy here

See ZeroFox in action