Retailers Remain Under Cyber Attack

Editors Desk
a red security sign and a blue security sign

It’s no longer a question of if a cyberattack will happen, but when. Retailers across the UK are facing the reality that cybercriminals are growing more persistent and opportunistic. From big names like M&S, Co-op, and North Face, to smaller e-commerce outfits, no business is flying under the cyber attack radar.

At a time when customer expectations are high and digital operations underpin almost every business, one cyber breach can unravel years of progress. From systems freezing to data disappearing or even orders being left unfulfilled, the customer trust that took time to build erodes instantly.

With the looming threat of attacks, cybersecurity isn’t just about defence, It’s about how quickly businesses can recover too. The companies that will survive attacks are those that treat operational resilience as a core strategy and not just a ‘tick-box’ activity.

Beyond the Breach: A Business Continuity Crisis

When attackers strike, it’s not just data at risk, it’s the ability for companies to operate. Inventory systems go dark, fulfilment grinds to a halt and stock visibility vanishes, not to mention the hit profits can take too. Without a comprehensive strategy to overcome an attack, customers are left waiting and brand loyalty can quickly slip away.

“The continuous high-profile cyberattacks on major UK retailers have exposed the harsh reality that many still rely on outdated legacy systems which leave them vulnerable and slow to respond,” said Abdelkader Keddari, VP Global Presales at Fluent Commerce.

Keddari adds, “Retailers urgently need to assess where their operational weaknesses lie. Unable to provide real-time visibility or adapt quickly in a crisis, legacy systems prevent effective decision-making. In today’s omnichannel landscape, that lack of adaptability is more than a day-to-day issue – it’s a major business risk.

Operational resilience also depends on more than tech or security. “It’s about smarter decision-making and building flexibility into your operations in order to minimise impact, recover fast, and continue delivering on customer promises when systems are under threat. It is all about being ready to pivot when the unexpected hits.”

In a world where every purchase is potentially a one-time audition for a lifelong customer, that kind of failure is hard to recover from.

Credentials Are the New Skeleton Keys

Modern cyberattacks can be disturbingly mundane starting with a stolen password or a clicked phishing link, suddenly an entire enterprise can be compromised. “Today’s attacks aren’t elite, technical hacks,” said Glenn Akester, Technology Director for Cyber Security & Networks at Node4. “They’re fast, persuasive and often alarmingly simple.”

“Attackers are utilising a number of low effort techniques, such as social engineering attacks that convince employees to provide login details or approve MFA requests, hijacking valid login sessions or using leaked details obtained through past data breaches. None of these require ‘hacking skills’ in the traditional sense. They’re about slipping through the cracks – or tailgating through the front door someone else has opened.”

Related:   Best Messaging Apps to Keep Your Data Private and Secure

Akester believes it’s time to stop thinking about cybersecurity as a checklist of tools and start thinking about it as a resilience strategy.

Building resilience means assuming that something will get through eventually, and making sure your business can detect it, contain it, and recover quickly,” he explains. “This starts with understanding your risk surface, continuously monitoring for threats, testing and simulating attacks, and finally, having a clear and effective response plan.”

Retailers Can’t Afford to Wing It

The news of more retailers being hit by cyberattacks is also further evidence of cybercriminals’ strategy to achieve both notoriety and financial gain. “Data holds incredible value, and cybercriminals will stop at nothing to obtain it, no matter the disastrous consequences for an organisation or its customers,” explains Darren Thomson, Field CTO EMEAI at Commvault.

He believes these latest cyberattacks also highlight the importance of basic cyber hygiene, “as hackers accessed North Face systems via credential stuffing, where usernames and passwords stolen from another data breach are used. “By never reusing passwords and using secure password managers, these attacks can be avoided.”

But beyond individual habits, organisations need deeper capabilities. “Anomaly detection and early warning systems are essential,” he added. “Knowing as soon as something out of the ordinary is happening within your systems enables security teams to isolate the environment and stop bad actors in their tracks before they have the opportunity to encrypt, steal, or remove access to critical datasets and systems.”

“Achieving enterprise-grade cyber resilience is more than building taller walls or deeper moats. It requires a new approach that looks holistically across the entire landscape, from best-in-class data protection and security to AI-powered data intelligence and knowing your Minimum Viable Company to allow lightning-fast recovery.”

Pivot-Ready Is Profit-Ready

The businesses that will withstand the next wave of cyber attacks are the ones who’ve already planned for them. That means mapping out vulnerabilities, investing in infrastructure, and ensuring response plans are rehearsed and actually work. It also includes, remaining mindful of less sophisticated attacks and keeping a high standard of security practices, even in their most basic forms. Upholding security as a business strategy will ensure businesses can withstand attacks and maintain continuity in the face of malicious actors. 

Leave a Reply

Your email address will not be published. Required fields are marked *