Higher stakes cybercrime – prepare now

What is happening?

Cybercrime continues to increase and shows no signs of stopping.

A report published on Statista estimated that the annual cost of cybercrime in the UK was $320m (approximately £250m) in 2023. This is projected to increase to over $1.82trn (approximately £1.424trn) by 2028. 

The figures are high and the impact is widespread, as cybercrime affects businesses across various sectors, including the retail sector, with the British Retail Consortium (BRC) reporting that 32% of retail organisations experienced a security breach in 2022/2023.

Why does it matter?

The increase in cybercrime may be caused, at least in part, by the growing accessibility to and use of artificial intelligence (AI). According to the NCSC's report on the impact of AI on the cyber threat, we will see "AI primarily offer threat actors capability uplift in social engineering". The compromise of account credentials, often through phishing emails, remains a common method of entry. If threat actors utilise AI to create increasingly convincing phishing emails that are more likely to be interacted with, the result will be a growing ability to obtain account credentials to gain access to organisations' systems and, subsequently, its data.

The large-scale supply chain incidents of 2023 also contributed to the increase in cybercrime. These include the ransomware attacks suffered by: (i) CTS, a provider of IT services, which impacted a number of its law firm clients; and (ii) MOVEit, a file transfer company, which brought more than 600 organisations worldwide within the sphere of a single incident according to Reuters. These incidents demonstrate the wide reach that supply chain incidents can have and the importance for management of those risks, as predicted and discussed in last year's Autumn edition  of Retail Compass. 

The impact of the increase in cybercrime is exacerbated by the increased scope of the cyberattacks. We have seen a trend towards larger quantities of data being taken from infiltrated systems, particularly in ransomware scenarios. Where threat actors were previously taking gigabytes of data from organisations, we are now sometimes seeing multiple terrabytes of data being exfiltrated. The result is a greater impact on victims, as the larger amount of data being taken from accessed systems could mean that there is a higher likelihood of data being taken which is either (i) personal information relating to data subjects or (ii) sensitive or confidential client information. This could represent a significant risk to retail organisations where large quantities of consumer data may be collected for retail analytics and/ or where the data in scope could include confidential information relating to product releases.

What action should you consider?

The increased instances and impact of cybercrime underscores the need for implementing basic security protocols. We have seen some cyber insurers reject cover for claims where investigations into the incident have revealed that measures like multi-factor authentication (which can significantly reduce vulnerability to credential compromises) were not in place.

We have also seen a growing focus on incident response planning across various sectors. Only 48% of retailers have a formal ransomware plan in place according to the BRC. Planning for cyber security breaches before they have happened through the creation of crisis management plans and engagement in pre-breach workshops can help to minimise the effects of an incident.

Explore Retail Compass Spring 2024