Stemming the rising tide of retail cybercrime through strong reporting and responseMay 19, 2021
Escalated frequency of digital attacks on business require immediate action from those impacted
Cybercrime is on the rise in Canada. It’s impacting every business, from small independent retailers to the largest of corporations, in every pocket of the country. If your business is online, cybercriminals will find you, says Detective Sergeant Vern Crowley, Cybercrime Investigations Team, Ontario Provincial Police. It’s only a matter of time before they attack.
In the most recent Statistics Canada report on the subject, just over one fifth (21%) of Canadian businesses reported that they were impacted by cyber security incidents which affected their operations. Of those, more than half (54%) of impacted businesses reported that cyber security incidents prevented employees from carrying out day-to-day work, while close to one third (30%) experienced additional repair or recovery costs. About 10% of businesses reported that they lost revenue as a result of cyber security incidents.
The attackers are emboldened knowing that law enforcement is unaware of the scope of the problem and that the incidents likely won’t be investigated.
Crowley, who spoke at Retail Council of Canada’s 2021 Retail Loss Prevention Forum on the topic of cybercrime in Canada, recognizes the escalated sophistication of cyber attacks on business. He points towards a rising trend involving the use of ransomware in the infiltration of retail systems and also at ‘social engineering’, in which digital criminals conduct reconnaissance work via email to obtain sensitive company information. It’s an issue that’s keeping loss prevention professionals and CEOs across the country up at night. He stresses the importance of reporting cybercrimes when they are committed and adhering to a strong incident response plan.
“Too often in Canada, cyber attacks go unreported,” Crowley lamented. “As a result, the attackers are emboldened knowing that law enforcement is unaware of the scope of the problem and that the incidents likely won’t be investigated. It’s imperative that any and all cyber attacks be reported to the police and, in tandem, that they follow the procedures that have been outlined within their company’s cyber incident response plan.”
If a plan is not in place, he says, then one needs to be developed. It should incorporate everyone within the organization, including executives and anyone using potentially vulnerable technology. Further, it should be crafted to inform and guide security policies and to identify what’s happened, how prevalent the problem is, which systems have been affected, how long it will take for the business to recover and whether or not any data has been stolen. The plan should also include procedures for the preservation of digital evidence.
“Law enforcement are here to work with retailers, not against them.”
“It’s imperative that organizations work with their IT administrators to preserve and identify log files that could be important pieces of evidence for an investigation,” Crowley said. “Saving screen captures, logging suspicious IPs, email addresses and communication with potential threats will all provide law enforcement and investigations units with the information and evidence that they need in order to effectively go after the criminals.”
Crowley also emphasized that cooperation, transparency and continuous education are critical components on the part of retailers to combat cybercrime.
“Law enforcement are here to work with retailers, not against them. When businesses are attacked, our role is attribution – to find out who committed the crime and to bring them to justice so they can’t do it again. The role of the company is mitigation – to identify and stop the spread of malware viruses, fraud or other trickery that may be occurring. But, perhaps the greatest role and responsibility for everyone involved is to ensure constant education around the issue. When it comes to cybersecurity, developing a threat awareness through an understanding of relevant prevention information and adhering to best digital practices will be key. That’s where retailers and law enforcement will be able to make a difference, making it harder for cybercriminals to operate, thereby reducing the level of victimization.”