Cybercriminals Target Budding Cannabis Retailers

  /     /     /  
Publicated : 23/11/2024   Category : security


Cybercriminals Target Budding Cannabis Retailers


Companies in the young, rapidly growing industry are targeted for sensitive information they store and immature security practices.



As more US states legalize recreational marijuana, security experts warn lawful cannabis retailers of their vulnerabilities to cyberattacks targeting consumer and patient information.
Thirty-four states sell marijuana for medicinal purposes; in January 2020, Illinois will become the eleventh to sell cannabis via state-licensed dispensaries. As Matthew Dunn, associate managing director for cyber risk at Kroll, says, legitimate cannabis enterprises have all the responsibilities of a traditional business. This means being aware of exposure to cybercrime.
While they share with all retailers the duty to protect customer data and financial records, cannabis businesses must acknowledge a heightened state of sensitivity around privacy issues, he
writes
. Dunn argues dispensaries face greater risk due to the controversial product they sell; as a result, its imperative they develop a mature cybersecurity strategy to mitigate risk.
The threat is greater for medicinal marijuana dispensaries, which store protected health information (PHI) records that are considered more valuable to attackers than typical PII due to the extent of health data they contain. Medicinal dispensaries arent covered under HIPAA, which would limit how they use patient data, but they still must comply with state privacy laws.
What should cannabis retailers watch for? Dunn points to the danger of email-based attacks, which affect retailers across industries but may prove especially prevalent among cannabis companies with relatively new workforces. Cyber extortion is another threat: criminals who access a dispensarys client database could attempt to extort high-profile customers, he adds.
Also top-of-mind is the heightened risk of IoT attacks as many cannabis retailers use video surveillance equipment that connects to the Internet. While IoT devices offer convenience and flexibility of remote access, Dunn points out how many use default login credentials and oftentimes multiple employees will use the same password to access databases and platforms.
Read more details
here
.
  
Black Hat USA returns to Las Vegas with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions, and service providers in the Business Hall. Click for information on the 
conference
 and 
to register.

Last News

▸ Travel agency fined £150,000 for breaking Data Protection Act. ◂
Discovered: 23/12/2024
Category: security

▸ 7 arrested, 3 more charged in StubHub cyber fraud ring. ◂
Discovered: 23/12/2024
Category: security

▸ Nigerian scammers now turning into mediocre malware pushers. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Cybercriminals Target Budding Cannabis Retailers