In the second quarter of 2022, the retail industry continually faced growing threat and security challenges, from supply-chain issues to cyberattacks. The retail sector’s critical role in nearly every aspect of business has made it a prime target for bad actors. Now more than ever, it’s important for leaders in the retail space to remain vigilant in monitoring cyberthreats.
The ZeroFox Intelligence team has created a Quarterly Threat Landscape Scorecard for the retail sector to address these unique challenges and threats. In this post, we’ll dive into a few of the key takeaways from this scorecard.
Threat actors continued to exchange ideas on how to maneuver within the economic and political constraints brought on by the conflict in Ukraine.
Social engineering campaigns remained a persistent threat to retail organizations, including increased use of fraudulent applications, fake Windows 11 upgrades, and employment related scams to steal credentials and deploy trojans.
Vulnerability exploitation also continued to grow, averaging almost 70 CVEs disclosed per day, up from 56 per day at the end of 2021. The pace of vulnerability disclosure likely represents a new normal.
The threat to the retail sector from Initial Access Brokers continued to fall in Q2, despite the market showing signs of resurgence in other sectors.
The threat to retail organizations from ransomware and digital extortion likely slightly increased. Ransomware threat actors may be struggling to elicit payments from victims, driving changes to extortion tactics. While the ongoing war in Ukraine continued to be the primary driver of geopolitical risk, possible EU and NATO expansion – and new sanctions on Russia – will likely trigger Russia state-backed groups to target high profile entities.
Get more key insights and recommendations specific to the retail industry in our Q2 Quarterly Threat Landscape Scorecard. Get your copy of the scorecard here.