Retail: Credential Phishing Threats

Background

The client is a European multinational retail and wholesale corporation, considered the 9th in the world in terms of revenue. The client operates in hypermarkets, grocery stores, convenience stores, and more, all of which total over 14,000 stores in over 33 countries.

The retailer delivers quality services, products, and food accessible to all across their wide and expanding distribution channels.

The challenge

In 2022, the global retailer was targeted with a credential phishing attack through an IoT device that was unaccounted for. The attackers stole sensitive personal information about the retailer’s customers and the breach took a total of two weeks to mitigate. This prompted the organization's security leaders to do a deep dive into the company's security posture in order to further evaluate its vulnerabilities.

The Solution

The retailer’s leadership team wanted to get a full understanding of the potential risks in their Edge and IoT infrastructure, as well as strengthen their mobile device security policies to prevent further credential phishing attacks like the one they had just suffered.

The company partnered with AI EdgeLabs to conduct a thorough investigation of the risks within their networks and IoT devices such as POS terminals, AI cameras, and other connected assets.

After performing a full assessment, the AI EdgeLabs team discovered that the retailer’s security had been penetrated by malicious malware that had bypassed a loophole in a single unaccounted device–senior executives had the right to override security policies and download apps at their discretion. It was clear that this was the method attackers had used to steal users’ credentials.

After conducting a comprehensive Proof Of Concept (POC) with AI EdgeLabs and evaluating the alternatives, they decided that our solution was the right fit to meet their unique needs.

AI EdgeLabs: Advanced network visibility

AI EdgeLabs’ advanced network and device visibility immediately strengthened the retailer’s environment and infrastructure. With real-time snapshots and actionable insights about known and unknown threats, our clients had access to accurate and comprehensive data on all connected assets across their stores and devices, including laptops, computers, tablets, smartphones, and IoT devices.

The partnership with AI EdgeLabs allowed them to test the retailer’s ability to find and stop targeted attacks. In the retailer’s environment, a simulated attack was run that mimicked modern threats from the real world. AI EdgeLabs worked with the security operations team of the retailer to come up with a list of goals that focused on high-risk areas for the business.

“Bringing in AI EdgeLabs to strengthen our cybersecurity was an immediate win,” shared the retailer’s Head of Security Operations. “The easy-to-use dashboard and real-time, actionable insights help our staff focus on strategic tasks rather than mitigating attack after attack regularly.”

AI EdgeLabs experts tested the organization's ability to prevent, detect, and respond to incidents by simulating the behaviors and tactics of a determined threat actor throughout the entire attack lifecycle.

Benefits of AI EdgeLabs for Retail

Thanks to AI EdgeLabs’ automation for network security, we:

• Identify suspicious devices and disabled them automatically and immediately.
• Collect monitoring and reporting data from suspicious devices for deeper analysis.
• Halt account access for all suspicious devices.
• Kill infected device connections by updating access control lists with smart firewalling.
• Discontinue irregular or blacklisted processes on critical devices with automated incident response protocols.
• Improve security posture, network threat detection, and malware detection.
• Address the new and emerging concerns of their rapidly growing asset infrastructure.
• Stop device attacks before they even had the chance of causing harm.
• Alert the network and security teams with real-time information about threats and attacks.
• Set up a distributed defense infrastructure that was easy to scale.