98% of UK businesses are now operational online in one way or another, benefiting hugely from the use of online websites, social media accounts, and online banking. With the ability for customers to shop 24/7 online it is no surprise that cybercrime is trending upwards. It is highly anticipated that online sales will remain strong throughout 2023 across the Eastern region.
But there is a price to pay for the convenience of online retail - The rate of cyber-attacks on UK retail businesses has been steadily increasing in recent years. According to the Cyber Security Breaches Survey 2021, which is conducted by the UK government, 38% of UK retail businesses reported experiencing a cyber-attack in the past 12 months, which is up from 19% in 2019.
The most common types of cyber-attacks reported by UK retailers include phishing attacks (72%), impersonation attacks (41%), and ransomware attacks (17%). These attacks can result in significant financial losses, as well as damage to the reputation of the affected businesses.
In addition to the increasing rate of cyber-attacks, the impact of these attacks on UK retail businesses has also been significant. According to a report by the British Retail Consortium, the cost of cyber-attacks to UK retailers increased by 43% in 2020, with an average cost per attack of £13,400. The report also noted that the impact of cyber-attacks on smaller retailers can be particularly severe, as they may have limited resources to invest in cybersecurity measures.
So here at the Eastern Cyber Resilience Centre we ask this question to the whole sector.
Can you afford to take another hit from scammers and hackers? If not, spend a little bit of time and effort to beef up your cyber resilience, and make sure that you don’t become a cyber victim in 2023.
Most of the reported attacks against retail relate to big companies – but remember – Small is not safe. Small businesses are still at significant risk of facing a cyber-attack in 2023. And many small businesses do not report the attacks that they suffer.
FatFace: In January 2021, UK fashion retailer FatFace suffered a ransomware attack that resulted in the theft of customer data, including names, addresses, and partial payment card details. The company reportedly paid the ransom to retrieve the stolen data.
Dole: A cyberattack in February 2023 forced food producer Dole to temporarily shut down production plants in North America and halt food shipments to grocery stores. The company, which employs over 3000 people was forced to shut down production across multiple sights leading to shortages in shops across the USA.
A vulnerability assessment is a systematic review of security weaknesses in an information system. It evaluates if the system is susceptible to any known vulnerabilities, assigns severity levels to those vulnerabilities, and recommends remediation or mitigation, if and whenever needed.
Here at the ECRC, we offer affordable Cyber Security and Resilience Services through our free core membership, including three types of vulnerability assessments:
By regularly carrying out vulnerability assessments, you are ensuring no virtual back door is left open for a hacker to sneak through.
The impact of a successful attack against your network can be catastrophic and lead to a full blown system breach, loss of data and a permanent loss of reputation. But all is not lost.
Here at the centre, there are three things that we would recommend for you to consider:
We are already working closely with hundreds of organisations across the seven counties to help them tackle the continually changing cyber threats that they face. So come and join our community as free members and let us help you protect your organisations from the ever presents threats out there in the cyber-verse.
If you are a business, charity or other organisation which is currently suffering a live cyber-attack (in progress), please call Action Fraud on 0300 123 2040 immediately. This service is available 24 hours a day, 7 days a week.
Please report online to Action Fraud, the UK's national reporting centre for fraud and cybercrime. You can report cybercrime online at any time using the online reporting tool, which will guide you through simple questions to identify what has happened. Action Fraud advisors can also provide the help, support, and advice you need.
Click to Open Code Editor