The retail industry prepares for Russian cyberattacks

Political leaders and cybersecurity agencies stress that companies must remain vigilant
VP, Retail Technology & Cybersecurity; Executive Director, Center for Digital Risk & Innovation
March 31, 2022

NRF PROTECT is retail’s loss prevention, digital fraud and cyber risk event, happening June 21-23, 2022, in Cleveland. Learn more.

In the wake of the Russian invasion of Ukraine, and the subsequent actions by the U.S. government and many other nations to impose financial sanctions on Russia, concern has grown about potential retaliatory cyberattacks by the Russian government and Russian-based cybercrime groups, many of which are known to take direction from Russian intelligence agencies.

More than one month after Russia’s initial invasion, these concerns have not yet led to a wave of cyberattacks directed against the U.S. and allied and partnered nations, but there are good reasons to remain vigilant.

Russia has carried out cyberattacks against Ukrainian infrastructure as part of this conflict. And Russian agencies have a long history of carrying out cyber intrusions against U.S. companies and government agencies, in some cases for espionage, but in other cases to prepare for future destructive cyberattacks.


NRF PROTECT is where loss prevention, digital fraud and cybersecurity experts unite to share insights and strategies. Register now.

U.S. political leaders and cybersecurity agencies are stressing that companies must remain vigilant. On March 21, President Biden reiterated a warning about “the potential that Russia could conduct malicious cyber activity against the United States.”

The following day, the Cybersecurity and Infrastructure Agency held a lengthy call for private-sector stakeholders during which it noted “evolving intelligence indicates that the Russian government is exploring options to conduct potential cyberattacks against the United States.” CISA also reinforced guidance that it and other federal agencies have been providing to the private sector as part of its Shields Up campaign, including with respect to network defense, intrusion detection, incident response and business recovery.

CISA also urged companies to empower chief information security officers and “ensure that the entire organization understands that security investments are a top priority in the immediate term.”

No credible public information to date indicates that Russian cyber threat actors plan to target the retail sector specifically. Given the high-profile nature of many retail companies and consumer brands, however, and the decisions by many retailers with Russian operations to withdraw their operations, there are good reasons for ongoing vigilance.

Retailers must also be concerned about the potential disruptive impacts of cyberattacks on critical third parties, including IT and financial service partners and the utilities that provide electricity, water and telecommunications to their stores.

NRF currently supports industry collaboration on these issues through its direct engagement with CISA, the FBI and other government partners, through the IT Security Council comprised of more than 200 industry cyber leaders, and through the NRF Cyber Risk Exchange, its portal for sharing cyber threat bulletins and indicators with threat analysts and other cyber practitioners at its member companies.

Leveraging these existing communities and resources, NRF stands ready to share additional guidance and threat information with its retail members as the conflict continues to develop and evolve. Retail cybersecurity leaders and industry partners will discuss these issues in many sessions and meetings at the upcoming NRF PROTECT in Cleveland, June 21-23.

For more information on how to get engaged with NRF on cybersecurity, please check out the resources above and reach out to us at

Related content

Fight Retail Crime Day 2023 makes a big impact
NRF President and CEO Matthew Shay speaking at Fight Retail Crime Day
Retail community and policy leaders unite to combat organized retail crime.
Read more
5 key questions for Cybersecurity Awareness Month
Individual working on a laptop.
Take this opportunity to reassess cyber preparedness and address new retail cyber risks.
Read more
3 ways to fight retail crime
Retail security camera to capture organized retail crime.
Fight Retail Crime Day mobilizes the retail industry to advocate for effective solutions in combating this problem.
Read more