
How Small Retailers Can Take Their Cybersecurity from Zero to 60

A long list of major companies, of which you have almost certainly been a customer, have been victims of cybercrime, exposing the sensitive information of hundreds of millions of customers. Both e-commerce and brick-and-mortar retailers are appealing targets for cyber criminals. Though big merchants are usually the ones that make headlines for cyberattacks, smaller businesses are just as susceptible. It is less a question of whether an attack will occur and more a question of when. Now more than ever, it is important for retailers, especially small businesses, to equip themselves with knowledge and have a game plan in place.

According to the 2017 Trustwave Global Security Report, the retail industry faces more attacks than any other vertical. It takes time and money for retail companies to rebuild their point-of-sale (POS) systems with tighter security through EMV compliance and stronger safety protocols. They need money to hire support to secure the networks, to buy better software and to buy newer, encrypted POS machines. After all of these measures, the costs can be daunting to a small business owner. Regardless of the upfront expenses of upgrading security measures, the cost of one fraudulent chargeback or data breach alone will be more than they paid to upgrade their systems. Therefore, first and foremost, retailers must make sure they have a cybersecurity policy that makes sense for their individual business needs.

Cyberattacks are continuously growing, which is overwhelming for retailers that do not know where to begin. While keeping a secure system is an ongoing process, here are five steps that retailers can take to strengthen their security:

1) Strengthen Domain and Network Security

The fundamental building blocks of cybersecurity policies start with network security. For example, a website's content management system (CMS) could have an exposed administrative portal that is ripe for hacking. You should invest in a high-quality secure domain provider. In this case, cheaper is not always better. After the secure domain has been established, an SSL certificate to encrypt data on the site is a must for retailers that are processing personal information, such as credit card numbers and addresses for online purchases. This is a critical step that is constantly overlooked, but having the right configurations in place is non-negotiable for business owners.

2) Create a Systematic Patching Routine

Out-of-date software creates a window for hackers to climb through when they cannot get in the locked front door. Unpatched vulnerabilities are a clear point of pain for most retailers. Hackers tend to exploit older vulnerabilities, which makes it critical to update all company software frequently. If you are not keeping up with the latest fixes, that can lead to a system that is permanently exposed. Regularly updating software is a simple, but often ignored, way to reduce the number of vulnerabilities in your systems.

3) Establish Strong Passwords and Password Policies

A lot of vulnerabilities are created when employees do not change their username and password from the default login information given to them. This can leave a clear opening for hackers. Though some exposed administrative portals prompt for login information, many of those default credentials for CMS programs can be obtained easily by intruders.

You need to implement strong password policies that require employees to create a new username and multi-factor password, as well as change that information every so often. Most merchants do not know what their system looks like from the outside so they do not understand how simple password policies can have major impacts on the security of their business.

4) Segment Networks

Another way to close off vulnerabilities is to segment various applications and group items of similar sensitivity. That alone allows retailers to limit traffic within high-risk zones, which will help break up data into multiple pathways in the event of a malware attack. You can limit the success of a cybercriminal by compartmentalizing networks and keeping all the various components separated. Many third-party service providers are granted access to a variety of functional components during their work, including climate control and security cameras. Segmenting that type of IT from the point-of-sale systems is crucial so that air conditioning or lighting does not become a pathway to the POS system.
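The following added example, which is not part of the original post, checks a firewall allow-list for any chain of permitted hops from third-party-accessible zones into the POS zone. Zone names, ports and rules are hypothetical, and every allowed flow is treated as a possible pivot.

```python
from collections import deque

# Constructed allow-list: (source zone, destination zone, port).
# Zone names and ports are hypothetical.
ALLOW_RULES = [
    ("hvac", "building-mgmt", 443),
    ("cameras", "nvr", 554),
    ("building-mgmt", "corp", 3389),
    ("corp", "pos", 445),
    ("pos", "payment-gateway", 443),
    ("guest-wifi", "internet", 443),
]

def path_between(rules, source, target):
    """Shortest chain of allowed hops from source to target, or None."""
    graph = {}
    for src, dst, _port in rules:
        graph.setdefault(src, []).append(dst)
    queue, seen = deque([[source]]), {source}
    while queue:
        path = queue.popleft()
        if path[-1] == target:
            return path
        for nxt in graph.get(path[-1], []):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(path + [nxt])
    return None

def exposed_zones(rules, third_party_zones, target="pos"):
    """Map each third-party zone to its path into the target zone, if any."""
    found = {}
    for zone in third_party_zones:
        path = path_between(rules, zone, target)
        if path:
            found[zone] = path
    return found

if __name__ == "__main__":
    for zone, path in exposed_zones(ALLOW_RULES, ["hvac", "cameras", "guest-wifi"]).items():
        print(f"{zone} can reach POS via: {' -> '.join(path)}")
```

No rule here connects the HVAC zone to the POS zone directly; the path only appears when the rules are followed hop by hop, which is why the check walks the whole rule set.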

5) Increase Employee Awareness

Your security is only as strong as its weakest link, which is typically the employees. Money, tools and technology aside, knowledge of security best practices is vital. Even if a company has stellar security, the most common way to break in is through social engineering, by tricking an employee into doing something they should not be doing. Hackers love to prey on employees who they presume are lacking in knowledge about their company's security policies. This is mainly due to retailers failing to provide adequate training on a regular basis. Consistently keeping security at the forefront of employees' minds, including around phishing, will help build stronger awareness. Meanwhile, you can protect your domain name from being spoofed, forged and used in phishing attacks by using Sender Policy Framework (SPF) records.
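An SPF record only protects a domain if what is published is restrictive. The following added example, which is not from the original post, lints SPF TXT strings offline for common weaknesses, following RFC 7208; the domains and records are constructed samples.

```python
import re

# Mechanisms that each cost one DNS lookup; RFC 7208 caps a check at 10.
LOOKUP_MECHS = {"include", "a", "mx", "ptr", "exists"}
TERM = re.compile(r"([+\-~?]?)([a-z0-9_.-]+)([:=/]?)")

def audit_spf(txt_records):
    """Return findings for one domain's TXT records; an empty list means clean."""
    spf = [r for r in txt_records if r.lower().split(" ")[0] == "v=spf1"]
    if not spf:
        return ["no SPF record published"]
    if len(spf) > 1:
        return ["multiple v=spf1 records: receivers treat this as permerror"]
    findings, lookups, all_qual, redirect = [], 0, None, False
    for term in spf[0].lower().split()[1:]:
        m = TERM.match(term)
        if not m:
            continue                    # skip terms this simple parser cannot read
        qual, name, sep = m.group(1) or "+", m.group(2), m.group(3)
        if sep == "=":                  # modifier such as redirect= or exp=
            redirect = redirect or name == "redirect"
            continue
        if name == "all":
            all_qual = qual
            break                       # terms after "all" are never evaluated
        if name in LOOKUP_MECHS:
            lookups += 1                # counts this record only, not nested includes
    if all_qual is None and redirect:
        lookups += 1                    # redirect is ignored when "all" is present
    if all_qual == "+":
        findings.append("+all authorizes every host on the internet to send as this domain")
    elif all_qual == "?":
        findings.append("?all is neutral: receivers get no signal about unlisted senders")
    elif all_qual == "~":
        findings.append("~all is softfail: unlisted senders are flagged, not failed")
    elif all_qual is None and not redirect:
        findings.append("no 'all' or redirect: unlisted senders get a neutral result")
    if lookups > 10:
        findings.append(f"{lookups} DNS-lookup terms in this record; the limit is 10 (permerror)")
    return findings

# Constructed sample records (example domains only).
SAMPLES = {
    "shop.example": ["v=spf1 ip4:203.0.113.10 include:_spf.mailer.example -all"],
    "old.example": ["v=spf1 mx +all"],
    "dup.example": ["v=spf1 mx -all", "v=spf1 include:_spf.mailer.example ~all"],
}

REPORT = {domain: audit_spf(records) for domain, records in SAMPLES.items()}
```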


Retailers are on the most-wanted list for hackers as online shopping continues to grow. Hackers will use opportunistic attacks to get in, get what they want, and then quickly get out. It is important for you to address retail security challenges and their inherent destructive potential, and come to terms with the fact that no business, no matter what size, is truly safe. It is important to determine how these opportunities for system breaches are being created and develop an end-to-end security model that fits within your budget. Protecting a business and the bottom line is no easy feat, but by addressing the severe nature of these attacks and designing a solution, it is possible to minimize security risk.

This guest post was written by Sterling Payment Technologies, a Tampa, Fla.-based payment processor.
