
As cyber threats continue to rise, understanding the impact of these threats and how they infiltrate the retail supply chain is vital for operational continuity. Singapore’s recently refreshed Industry Digital Plan (IDP) for the retail sector highlighted enhanced cyber hygiene measures for protection at different stages of growth.
The region’s booming digital economy makes businesses operating here a prime target for cyberattacks. The retail sector is ripe for third-party cyberattacks, with threat actors exploiting vulnerabilities in Point-of-Sale (POS) terminals, supply chain systems, logistics platforms, and other interconnected technologies.
Recent Cyber Attacks Targeting Supply Chains
The retail industry has been shaken by a number of high-profile reported cyber incidents recently, affecting major players like Marks and Spencer (M&S) and Harrods.
Closer to home, popular bubble tea chain Chica San Chen disclosed a data breach of one of its vendors’ servers, compromising the personal information of members, such as their names, mobile numbers, e-mail addresses and login passwords. In 2024, Filipino fast-food giant Jolibeewas reportedly subjected to a major data breach affecting the data of 11 million customers.
These incidents not only tarnish brand reputations, but also disrupt operations and expose sensitive customer data, causing widespread concern. The financial fallout from these compromises highlights the crucial need for retailers to focus more diligently on the security of their digital and physical supply chains.
According to BlueVoyant research, more than 70% of Singaporean organisations reported an average of 3.97 breaches impacting operations. Almost half (47%) of Singapore organisations indicated the news of breaches over the past 12 months are likely to lead to an increase in budget for additional internal and external resources to help protect against supply chain cyber security issues.
Retail Under Growing Threat
Threat actors like DragonForce have reportedly boldly claimed responsibility for a series of attacks targeting UK retailers, often partnering with groups like Scattered Spider to amplify their reach. Understanding the motivations and methods of these groups provides invaluable insight — such as exploiting supply chain vulnerabilities — to predict and prevent future attacks. Their evolving strategies represent a constant threat that requires ongoing vigilance and continuous improvements to third-party risk management practices in retailers.
Retail businesses are often vulnerable to a catalogue of common cyber threats, including phishing schemes, ransomware, and supply chain compromises. Threat actors leverage malware and sophisticated social engineering to infiltrate retailers’ defences. By embedding malicious software within trusted channels, they can access secure areas usually safeguarded but overlooked in anticipation of direct attacks.
In fact, more than a third (35%) of Singapore respondents to BlueVoyant research said they have no way of autonomously seeing the cyber risk posture of third parties and rely on self-reporting. This knowledge underscores the necessity for robust cyber security practices targeting every link in the retail supply chain.
Harden defences and manage supply chain risk
Singapore’s Cyber Security Agency (CSA)’s toolkit for enterprises highlight key areas for organisations to address increasing cyber risks, including the need for a third-party risk management programme to assess and manage the risks posed by third parties, including vendors, products, and services.
Implementing effective third-party risk management practices, characterised by strong cross-business collaboration in vendor management, continuous cyber threat monitoring across the supply chain, and robust due diligence procedures, is essential for ensuring comprehensive visibility of risks associated with key suppliers.
Additionally, both retailers and their suppliers must prioritise robust employee training in cyber security best practices, empowering them to recognise and respond to suspicious activity. Implementing multi-factor authentication adds an extra layer of security, making it significantly more difficult for unauthorised users to compromise the integrity systems. Securing helpdesk authentication can also help prevent deceptive access attempts, ensuring that customer service channels remain protected.
Proactive incident response planning is crucial for effectively managing breaches, should they occur, with an eye towards the potential for a cross-business compromise. Retailers work with many suppliers and partners and so must maintain even greater vigilance within their extended ecosystem. Establishing network segmentation, sharing only strictly necessary data, and implementing access controls can help make sure that a potentially compromised vendor does not cause a cascade of issues.
Regular drills and collaboration with cyber security partners can help ensure incident management is more seamless, minimising potential damage through quick containment and eradication. By embracing these defensive strategies, retailers can significantly bolster their security posture.
As cyber threats become increasingly sophisticated, it is imperative for retailers in the region to maintain constant vigilance and adaptability in their cyber security posture. Ensuring robust protection of these essential services is vital due to their immediate impact on society’s well-being. Retailers must heed the call to integrate recommended cyber security measures, protecting themselves against potential compromises.
By William Oh, Head of Asia Pacific, BlueVoyant