Why Are Ransomware Attacks on Retail So Common?

Daniel Litwin
Mar 1, 2023
Learn more
cybersecurity IT Phishing ransomware retail

We’ve all seen those suspicious emails that show up in our inboxes: “Is this picture of you?” they’ll ask, as we hover over that link for just a moment. Now more than ever, companies are aware and preparing for digital threats and data breaches. Despite that, or perhaps because of it, year after year both the amount and the sophistication of digital attacks increases. According to IBM’s 2022 report on the cost of a data breach, the global average cost for a data breach was a record-breaking $4.35 million, a figure that’s risen nearly 13% just in the last year. For ecommerce and big box retailer professionals who might be wondering, do these trends match up to the data behind ransomware attacks on retail?

When it comes to who bad actors are targeting, it seems more are turning to the retail industry as an industry ripe for exploitation. Research out of cybersecurity and device data privacy firm BlackFog, which catalogs the rate of retail sector cybersecurity breaches yearly, found that ransomware attacks on retail increased by 67% in 2022, year-over-year. Compared to 2020, the increase was even more substantial, growing by 233%.

Daniel Pigeon, the senior product marketing manager at Cyberint, explains why ransomware attacks on retail might be growing in prominence and where hackers are finding vulnerabilities to take advantage of.

Daniel’s Thoughts:

“In 2022, the retail industry was the third most targeted industry for ransomware attacks, and 14% of all ransomware attacks that the Cyberint team observed were on retail industry organizations. So, this raises an important question, which is why are threat actors in ransomware groups targeting the retail industry?

From our research at Cyberint, we believe that there’s two primary reasons. First of all, when threat actors target and attack retail industry organizations, they don’t receive nearly as much negative attention from the media or from law enforcement as when they attack other industries such as healthcare, education, government, and critical infrastructure.

The second reason is that retail industry companies tend to have a weaker cybersecurity posture compared to other industries like technology, banking and insurance. This makes the retail industry a great target as threat actors don’t need to put in as much effort to compromise their victims. We’ve seen threat actors with a relatively low level of sophistication successfully compromise and attack retail industry companies.

The main attack vectors that we’re seeing are vulnerability exploitation of old and unpatched software, phishing attacks that target both the retail organization’s employees as well as the retail organization’s customers, and finally malware: specifically, a type of malware called infostealers, which steal credentials and other sensitive data from the victim’s browser.”

Article written by Graham P. Johnson.

Follow us on social media for the latest updates in B2B!

Image

Latest

Email Marketing
The Science of Email Success: Secrets to Higher Open and Conversion Rates
March 6, 2025

Email marketing is often underestimated, yet it remains one of the most powerful tools for businesses to engage with their audience. Research shows that for every $1 spent on email marketing, an average return of $42 is expected. However, many professionals misunderstand what email can truly accomplish and fail to harness its full potential….

Read More
data center sector
Data Center Sector Opens Doors for Non-Traditional Career Seekers
March 3, 2025

The data center sector is expanding rapidly, driven by increasing digital demands across sectors. As this growth accelerates, data centers face a workforce shortage, with projections showing the shortage could persist for the next decade. According to a 2023 report by Uptime Institute, 50% of data center operators report difficulties filling open roles. This…

Read More
Robin Goldsmith
Interview with Robin Goldsmith
March 1, 2025

At ViVE 2025, Panda Health’s Jason Taylor and Verizon Healthcare’s Robin Goldsmith dive into the future of AI in healthcare, exploring how ambient technology is revolutionizing workflows for clinicians and improving patient experiences. A dynamic conversation not to be missed!

Read More
From Control to Community: Why Big Brands Struggle with UGC
From Control to Community: Why Big Brands Struggle with UGC
February 27, 2025

In this episode of UGC for B2B, host Alice Iversen sits down with Bridget Benedetti, a former MarketScale client turned Digital Media Strategist, to discuss the massive shift from traditional marketing to an authentic, user-generated approach. Bridget shares her firsthand experience of watching MarketScale evolve from a content provider into a full-fledged UGC-driven powerhouse—one…

Read More
Related
verizon business assistant
Software & Technology
Boost Customer Satisfaction with Verizon Business Assistant
March 6, 2025
AI in Video Storytelling
Healthcare
AI and The Future of Video Storytelling
February 27, 2025

In this episode of The Marketing AI SparkCast, Aby Varma, founder of Spark Novus, sits down with Piyush Saggi, co-founder and CEO of Parmonic, to discuss AI’s impact on video storytelling. They explore AI’s role in video transformation, storytelling challenges, and how brands can balance automation with authenticity. Topics Covered * The Rise of…

Read More
broadband state
Healthcare
Broadband State of the Union: Urban Innovation and Rural Challenges
February 21, 2025

In the latest episode of Amphenol Broadband Solutions’ Wavelengths podcast, host Daniel Litwin sat down with Tyler Cooper, Editor-in-Chief at BroadbandNow Research, for a deep dive into the current landscape of broadband deployment and access across the United States. With 2025 underway, the conversation tackled key trends shaping the broadband industry, including the contrast…

Read More