From London to Lagos: Why retailers everywhere must prepare for the next wave of cyberattacks
'These attacks aren't just about stolen data,' says Anna Collard, SVP of Content Strategy&Evangelist at KnowBe4 Africa. 'They took whole systems offline.
'In retail, downtime is a critical threat – it affects sales, customer trust, and brand loyalty, instantly.'
A new kind of threat actor
Unlike traditional ransomware gangs, Scattered Spider is decentralised, native English-speaking, and highly adaptive. 'Scattered Spider aren't mere opportunistic hackers,' explains Collard. 'They operate more like well-funded, well-organised crime syndicates.'
With some members as young as 19, they coordinate their activities on platforms like Discord and Telegram. 'They're agile, patient and disturbingly good at blending in,' she says. Added to this, they have great expertise in human psychology, as showcased during their attacks on Las Vegas casinos in 2023 (http://apo-opa.co/4nPvtnM).
Their primary weapons, therefore, aren't just digital – they're human. 'They've mastered social engineering,' says Collard. 'They specialise in exploiting human trust. From vishing (voice phishing) to impersonating internal staff and triggering what's referred to as 'MFA fatigue'; they're skilled manipulators who understand both systems and people.'
MFA fatigue is one of the growing tactics they're known for which involves triggering repeated multi-factor authentication (MFA) prompts, hoping the bombarded employees eventually click 'approve' just to make the interruptions stop.
'Legacy systems, shadow IT, and poorly enforced policies create entry points. Attackers don't need to break in if they can just log in.'
Another alleged tactic Scattered Spider used in its latest attacks involved calling IT helpdesks to reset credentials, gaining access to their target's infrastructure and subsequently deploying a ransomware-as-a-service tool. The outcome? Encrypted systems, stalled operations, and a long road to recovery.
Why Africa should be paying close attention
Retailers across Africa – particularly in South Africa, Nigeria, and Kenya – are digitally transforming at a rapid pace. Cloud-based POS systems, centralised inventory platforms, and data-driven loyalty programmes are now standard. But these digital advancements also expand attack surfaces.
High employee turnover, remote workforces, and under-resourced helpdesks can compound exposure. And while business English is common in South Africa, this linguistic advantage also makes local teams more susceptible to social engineering by fluent English-speaking attackers.
'Our local executives aren't naïve,' Collard notes. 'Many are acutely aware of the risks. What's needed now is clarity on what really matters – and cutting through the noise.'
Pepkor IT's CISO, Duncan Rae, delivered an insightful talk at the ITWeb Security Summit in May where he warned that cybersecurity teams are often overwhelmed – not just by threats, but by too many competing priorities. Teams are bombarded with shiny, new tools and threat reports spreading fear, uncertainty, and doubt (FUD) which sometimes makes organisations lose sight of the basics, he warned.
'These basics include managing human risk, addressing third-party exposure, and hardening vulnerabilities,' according to Rae.
What needs to change?
Collard points to gaps in access controls, third-party risk management, and cloud security as common weaknesses – not just in the UK, but globally. 'Legacy systems, shadow IT, and poorly enforced policies create entry points,' she warns. 'Attackers don't need to break in if they can just log in.'
For African retail leaders, this is a call to fortify the human layer.
'Train your frontline teams, especially in helpdesk and customer support. Teach them to detect manipulation. Make secure behaviour the norm – not the exception.'
Equally important, she says, is embedding cybersecurity into leadership conversations. 'Cybersecurity is not just an IT function. It's a board-level business risk.
'Executives must ask tough questions about readiness, incident response, and accountability.'
From awareness to action
Too often, security training is treated as a box-ticking exercise. Collard urges a more thoughtful approach: 'Training must resonate. It should be contextual, culturally relevant, and delivered in local languages where appropriate.'
She challenges business leaders with the following:
Could an attacker trick your helpdesk into a password reset?
Would your staff recognise a social engineering attempt?
Do you test these scenarios regularly?
'If the answer is 'no' to any of these, your organisation is vulnerable,' Collard says. 'But the good news is that change is possible – and fast – when you start investing in the human element.'
'Cyber resilience is a collective responsibility,' she concludes. 'And in an interconnected world, learning from each other's crises is one of the smartest defences we have.'
Distributed by APO Group on behalf of KnowBe4.
Contact details:
KnowBe4:
Anne Dolinschek
anned@knowbe4.com
Red Ribbon:
TJ Coenraad
tayla@redribboncommunications.co.za
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Arabian Business
an hour ago
- Arabian Business
Dubai real estate developer Binghatti opens London office
UAE property developer Binghatti has launched its first international sales boutique in the United Kingdom, opening the doors to its new London location on July 16, 2025. The boutique is located on Brompton Road in Knightsbridge, part of the South Kensington Estate. Binghatti's Founder, Dr. Hussain Binghatti Aljbori and Chairman Muhammad Binghatti conducted a ribbon-cutting ceremony to mark the opening. Dubai developer launches UK branch The Dubai-based developer operates a portfolio worth more than AED 50 billion, spanning over 80 projects and delivering more than 11,000 residential units across Dubai. The London boutique represents the company's move to attract international investment into the UAE's property sector. The new sales hub will serve as a centre for international investors, providing access to Binghatti's Dubai developments and investment advisory services. View this post on Instagram A post shared by Binghatti بن غاطي (@binghatti) The boutique will house a team of property experts and sales professionals offering property showcases, investment consultations, and sales transactions. Binghatti has developed branded residences in partnership with companies including Bugatti, Mercedes-Benz, and Jacob&Co. The developer's projects include the Bugatti Residences by Binghatti, Mercedes-Benz Places by Binghatti, and the Burj Binghatti Jacob&Co. Residences, which is set to become the world's tallest branded residential tower. The company's developments have attracted buyers including footballer Neymar Jr., opera singer Andrea Bocelli, footballer Aymeric Laporte, and Hollywood actor Terry Crews, who purchased a residence at Binghatti Aquarise in early 2025. Chairman Muhammad Binghatti said: 'Our presence in London marks a strategic evolution in our vision to make world-class real estate accessible to international investors. At Binghatti, we are committed to delivering architectural excellence and investment value to a global clientele, allowing them to connect directly with Dubai's most prestigious opportunities right from their own cities.' The opening event served as a networking platform for investors, property professionals, and institutional partners.
Al Etihad
an hour ago
- Al Etihad
Germany to allow UK passport holders to use e-gates
17 July 2025 18:05 LONDON (PA Media/dpa) Germany has agreed to allow some arriving UK airline passengers to use passport e-gates at its airports by the end of August, the Cabinet Office has will initially be available for frequent travellers. Access for all UK nationals will be possible once Germany has completed updates to its entry systems as it introduces the EU's long-delayed Entry/Exit System (EES).The deal forms part of a bilateral treaty signed by Prime Minister Keir Starmer and German Chancellor Friedrich Merz on the latter's first official visit to the Brexit, UK travellers arriving at EU airports have generally been forced to queue for manned desks to have their passports stamped, rather than using automated gates with facial recognition has led to many passengers facing long queues, particularly during peak issue has been described as one of the most visible impacts of the UK's withdrawal from the UK-EU summit in May agreed that there is no legal barrier to the UK citizens using EU Cabinet Office said that since then, e-gate access for UK travellers has increased in Bulgaria, the Czech Republic and relations minister Nick Thomas-Symonds said: "E-gates can make the slog of travelling through an airport a bit easier, which is why I have been working with the EU and member states to get more airports opened up to Brits abroad."With £30 billion [$40.2 billion] of services trade between the UK and the EU, this agreement isn't just good for holidaymakers, it's good for British businesses too, making travelling easier between Europe's biggest economies, to get deals done and boost growth."The treaty also includes the UK and Germany agreeing to establish a taskforce aimed at paving the way for direct train services between the is hoped that services could begin within the next decade. The taskforce will bring together transport experts from both governments to examine how to address barriers to a new route, such as how to establish the necessary border and security will also assess safety standards and collaborate with train Secretary Heidi Alexander said: "We're pioneering a new era of European rail connectivity and are determined to put Britain at the heart of a better-connected continent."The Brandenburg Gate, the Berlin Wall and Checkpoint Charlie - in just a matter of years, rail passengers in the UK could be able to visit these iconic sites direct from the comfort of a train, thanks to a direct connection linking London and Berlin."She added that the agreement has the potential to "fundamentally change how millions of people travel" between the UK and Germany by offering a "faster, more convenient and significantly greener alternative to flying."In May, the UK and Switzerland signed a memorandum of understanding in an attempt to address barriers to a rail link between the countries. A month later, Eurostar unveiled plans to launch direct services connecting the UK with Germany and Switzerland. The operator announced proposals to run trains between London St Pancras and both Frankfurt and Geneva from the "early 2030s."Journey times would be about five hours between London and Frankfurt, and five hours and 20 minutes between London and Geneva. Eurostar holds a monopoly on running passenger trains through the Channel Tunnel, but several organisations are developing plans to launch rival services.
Zawya
2 hours ago
- Zawya
Gordon Brothers launches its largest ever solar inverter private treaty sale
Gordon Brothers, the global asset experts, has launched its largest ever private treaty sale of solar inverters, including over 5,000 brand-new units. This unique opportunity follows the closure of Solar Supply, a solar equipment supplier located in Sweden, and offers a significant volume of premium solar technology assets from its stockpile for immediate purchase. The available inventory includes solar inverters and accessories from leading European and international manufacturers such as Fronius, Goodwe, Growatt, SolarEdge and Sungrow. 'This is an exceptional opportunity for solar installers and renewable energy businesses to access a large volume of high-quality, unused solar inverters at some of the most competitive prices in the market,' said Bryn Carroll, Director Industrial at Gordon Brothers. 'With potential ongoing challenges in OEM supply chains, this sale allows businesses to secure inventory now, whether single items or large-scale quantities of solar inverters and accessories, to future-proof their operations and meet growing demand without delay.' The available assets include but are not limited to: 1,063 Fronius string type inverters ranging from 3.7kW–20kW 830 Goodwe string type inverters, ranging from 6kW–100kW 1,960 Goodwe hybrid type inverters, ranging from 6.5kW–10kW 59 Growatt string type inverters, ranging from 17kW–175kW 149 SolarEdge string type inverters, ranging from 4kW–25kW 1,291 Sungrow string type inverters, ranging from 6kW–17kW Additional available accessories include various connectors and smart meters. Interested buyers are encouraged to explore the online asset listings on their website. Viewings can be arranged by appointment, with all items stored in Karlshamn, Sweden, and international shipping options are available for both individual units and bulk orders. Gordon Brothers leverages decades of experience buying, selling, operating and valuing assets in the industrial economy across North America, Europe, the Middle East, Africa and Asia Pacific. -Ends- Media Contacts: IHC: Grant King grant@ Gordon Brothers: Lauren Nadeau lnadeau@ About Gordon Brothers Since 1903, Gordon Brothers has maximised liquidity through realisable asset value by providing the people, expertise and capital to solve business challenges. Our solutions-oriented approach across asset services, lending, financing and trading gives clients the insights, strategies and time to optimise asset values throughout the business cycle. We work across the full spectrum of assets globally with deep expertise in retail, commercial, industrial, brands and real estate. We are headquartered in Boston with over 30 offices across North America, Europe, the Middle East and Africa, and Asia Pacific.
