Cyber Attacks Hit Canadian Retailers Hard, Causing Unprecedented Damage [Expert Interview/Report]


Share post:

Retail has emerged as the third most attacked industry in Canada, accounting for 10 per cent of all attacks that IBM X-Force remediated in 2022. It came behind energy and utilities, which constituted 60 per cent of attacks in Canada, followed by finance and insurance at 20 per cent.

As a growing list of Canadian retailers fall victim, IBM says the focus should be on rolling out the right technology to prevent these attacks from happening in the first place.

An IBM X-Force study said extortion was used in more than a quarter of attacks – criminals are swarming vulnerable industrial systems to disrupt critical operations that can’t afford to be down (like utilities, manufacturing, and banking) and making them pay.

The report said data breaches are costing Canadian companies CA$7.05 million per incident on average (an all-time high) – the financial stakes and threat to brand reputation are more significant than ever.

Indigo Outage at Bay & Bloor Indigo (Image: Dustin Fuhs)
Indigo Outage at CF Toronto Eaton Centre (Image: Dustin Fuhs)

Evan O’Regan, Associate Partner in Security Services for IBM, said the findings of the report shed light on the growing threat to the retail and wholesale sector, which is an attractive target for cyber attackers due to its large amounts of sensitive information and financial transactions, its reliance on a complex supply chain network, and the potential for significant reputational damage.

Evan O’Regan

“This is real data based on our X-Force team responding to actual incidents both globally and in Canada,” said O’Regan. 

“The threat to the retail industry is very real. A good example of that is if you look at Canada and North America, it’s in the top three targeted, exploited regions and retail which includes wholesale is in the top three of the exploited industries in Canada.

“I think it’s inherent to the nature of the industry. The first thing that I would call out is we need to look beyond the cash register. While it is true, we’ve seen a massive increase of online shopping, that is a trend and it continues to increase but it’s not just about breaking in and stealing credit card information. In fact, the targeting of your credit cards is going down for a couple of reasons. One, they’re better defended both by the banks and the retail industry but also on the black market, on the dark web, you’re only getting about 10 bucks per validated credit card record. 

“But when you’re doing these transactions online you need to collect a fair amount of information about the person that you’re doing business with and that is extremely valuable on the dark web. Your exploiters can sell that and as well an organization is compromised. So if I’m a hacker and I’ve been able to land and create backdoor access to your organization I can sell that for $10,000 on the dark web for somebody else to use the work that I’ve done to launch a more sophisticated exploit.

“Why it’s important . . . is first of all you’re doing business with a lot of people. Second, is a reliance on a complex supply chain . . . When you look at the types of threats, extortion is one of the number attacks, and high psychological impact attacks. Some of the major brands can probably recover from a bad headline but if I’m shopping between a retailer that I know or heard has been compromised versus one that hasn’t been in the news, that can have a massive impact on the bottom line.”

Indigo Outage at CF Toronto Eaton Centre (Image: Dustin Fuhs)

O’Regan said the retail sector on the whole has this exposure.

“It’s a lucrative target for the attackers. You have to remember they’re running a business. When we link it to the notion about the threat being real, look at some of the other industries,” said O’Regan. “These are people that would shut down a hospital. These are people that would shut down a utility. Nothing that is out of bounds. We passed that rubicon a long time ago.

“So if they see an opportunity, they’re going to take it.”

IBM Security X-Force said in Canada, credential harvesting took the pole position with 67 per cent of incidents that X-Force remediated (compared to 11 per cent globally). A third of them (33 per cent) resulted in botnet (malware) infections of networks. Overall, X-Force saw threat actors use spearphishing links and exploitation of public-facing applications in equal proportion to gain initial access. Botnets, ransomware, and deployment of recon/scanning tools were the three top actions on objectives observed in incidents in Canada.

Indigo Outage at Bay & Bloor Indigo (Image: Dustin Fuhs)

Here are IBM Security’s recommendations: 

  1. Stop blaming the user. Attackers rely on the fact people are innately curious and inclined to click on links. The report shows that it’s a strategy that works – with 41 per cent of incidents starting from a phishing email. The default industry setting is to blame the user – that needs to change. The focus should be on rolling out the right technology to protect users from falling victim.
  2. Accelerate your response. It’s no longer a question of whether an adversary will get in – it’s a question of when. Successfully responding to a breach is all about speed and limiting the window of access and damage to your environment. How your team responds in the critical moment can make all the difference in the amount of time and money lost in a response.
  3. Employ endpoint or extended detection and response technologies. The rise in backdoor cases points to some success in catching infections earlier. Endpoint and extended detection and response technologies provide the means to identify and mitigate threats before adversaries take more dangerous actions.
  4. Shift your mindset. You have to think like an attacker and understand how they operate. Adversary simulations and threat hunting can help businesses outsmart cybercriminals.
  5. Know your attack surface. One third of attackable assets on organizations networks are unmanaged or unknown, offering easy targets for attackers and risking unintended data exposure. You need to think like an attacker, discover where you’re exposed and the ways an attacker could get in with least detection.
  6. Challenge assumptions. Today, you have to assume compromise. Perform regular offensive testing including threat hunting, penetration testing, and objective-based red teaming to detect or validate opportunistic attack paths into your environment.
  7. Build an adaptable, threat-driven security strategy. There is no single, out-of-the-box solution to protecting businesses today. Attackers are constantly innovating and evolving techniques to evade detection – cyber strategies should be just as flexible. Buy the tools, build the plan, but then test it, learn from what you find, and adapt regularly to consider the rapidly evolving threat landscape.

O’Regan said it’s important for companies to get their house in order and start looking for some of these known exploits inside of their organization, inside of their operations.

“The retail industry needs to have something of a security strategy and a threat driven plan that reflects the threat that they are facing because there’s no single out of box solution. The attacker is going to constantly innovate so it’s something that becomes a living, breathing document that gets revisited. It’s a practice. It’s the notion of building the plan, making sure you have the right tools to support it, learn from what you find and adapt regularly because it’s a rapidly evolving threat landscape so you’re response to that has got to be rapidly evolving,” he said.

Mario Toneguzzi
Mario Toneguzzi
Mario Toneguzzi, based in Calgary, has more than 40 years experience as a daily newspaper writer, columnist, and editor. He worked for 35 years at the Calgary Herald covering sports, crime, politics, health, faith, city and breaking news, and business. He is the Senior News Editor with Retail Insider in addition to working as a freelance writer and consultant in communications and media relations/training. Mario was named as a RETHINK Retail Top Retail Expert in 2024.


Please enter your comment!
Please enter your name here

More From The Author



Subscribe to the Newsletter


* indicates required

Related articles

Anatomy of a Leader: Ken Keelor, CEO of Calgary Co-op

After moving to Canada from India in 1995, Keelor began working at Save-on-Foods and then other major retailers as his career progressed upwards.

Unprecedented Opportunity for Canadian Retailers to Sell to Consumers in China Online

China is the world’s largest online consumer market, and it is projected to grow for years to come.

Modern Golf Opening Innovative Golf Social Experience in Downtown Toronto’s First Canadian Place [Interview]

The 8,500-square-foot Financial District space will feature multiple bays, bars, lounge areas, and partnerships with Food Dudes for food and beverage offerings, marking a significant shift in the company's growth strategy.

Krispy Kreme Doughnuts Gears Up for Nationwide Expansion in Canada with Innovative Store Formats [Interview]

New locations in new markets are planned, including a mix of Doughnut Café concepts and manufacturing locations for the public called 'Theatre Hubs'.

Robson Street in Vancouver in Flux as New Retailers Prepare to Open Stores [Feature]

The street is seeing new retailers prepare to open, including a prominent corner that is about to see some very big changes and a potential luxury mall nearby cancelled.

Wendy’s Bold Dynamic Pricing Move Has its Positives and Negatives [Op-Ed]

Sylvain Charlebois discusses the unusual move by Wendy's in the US to implement dynamic pricing, and how it could benefit the business while potentially turning off consumers.

Growing Crisis in Retail Inventory in Canada as Factory Direct Liquidates Stores [Interview]

The founder of A.D. Hennick & Associates says he's seeing overwhelming demand to liquidate inventory, indicating a concerning trend in the industry as more retailers look to insolvency.

Here’s What We Can Learn from Canada’s Response to Inflation in the 1980s and 1990s [Op-Ed]

Younger, poorer households have disproportionately suffered because their price index is skewed more toward food and shelter, say the authors.

Food Preferences in Canada Changing as Millennial and Gen Z Demographics Shift [Op-Ed]

Sylvain Charlebois discusses Canada's aging population and how younger consumers are shifting the grocery food landscape.

Henry Singer Unveils Downtown Edmonton Flagship Store at the ICE District, Featuring a Bar, Barber and Shoe Shine [Photos/Interview]

Jordan Singer discusses how the upscale menswear retailer recently relocated its Edmonton flagship store from Manulife Place into a 10,000 square foot space at the base of Western Canada's tallest building.

Canadian Retail Sales Dip: Year-End Drop in Discretionary Spending [J.C. Williams Group Analysis]

2023 Canadian retail sales ended in a lacklustre way, with controlled consumer spending amid a tumultuous year.

Landlord QuadReal Launches Pickleball Courts in Commercial Properties to Create Consumer Experience [Interview/Photos]

The initiative helps revitalize and re-imagine spaces using sustainable development practices, while incorporating the latest technology to enhance the visitor experience, blending physical and digital elements.