Retail Under Fire: Why Hackers Love Shopping Season

When it comes to cybersecurity, it’s easy to fall into the trap of thinking in binaries—good guys and bad guys, black hats and white hats, defenders and attackers. But the reality is far more complex, especially in an age where artificial intelligence is changing the rules for everyone, whether they like it or not.

In the latest episode of the TechSpective Podcast, I sat down with Myke Lyons, CISO of Cribl, for a conversation that spans a lot of ground. And I mean a lot of ground. From retail fraud and social engineering to ransomware economics and the future of AI-powered search, we explore how cybercriminals are using the same tools defenders have access to—but with very different goals in mind.

We kick things off by unpacking Cribl’s unique role in the world of IT and security telemetry. At one point, I draw the comparison of Cribl as a sort of Rosetta Stone for log data—helping organizations normalize, route, and optimize data flows to the right places for the right reasons. Myke shares how this kind of architectural flexibility isn’t just convenient—it’s becoming essential in a world where data is growing at breakneck speed and attackers are using AI to move just as fast.

Then we shift into a broader discussion about why retail—especially during high-stakes periods like Prime Week or Black Friday—is such a tempting target for attackers. The emotional nature of shopping, the scale of operations, and the deeply trusted brand names all make retail a ripe hunting ground for bad actors. But it’s not just old-school fraud or phishing anymore. We get into how AI is helping attackers spoof websites, impersonate brands, and even fake their way through job interviews to infiltrate organizations from the inside.

One particularly eye-opening thread: the evolving ransomware playbook. Threat actors are now using AI to research their victims more thoroughly—tailoring ransom demands based on insurance coverage, revenue cycles, and organizational pain points. It’s strategic, it’s efficient, and yes, it’s unsettling.

But this conversation isn’t just doom and gloom. We also talk about how security teams can flip the script by using AI themselves—developing muscle memory with new tools, leveraging prompt engineering, and building infrastructure that adapts in real time. Myke makes the case for experimentation, curiosity, and staying a step ahead—not just with tech, but with mindset.

If you’re a security leader, a practitioner, or even just a curious listener trying to make sense of this rapidly evolving landscape, you’ll find a lot to chew on here. And if you think the line between helpful AI assistant and risky attack vector is starting to blur… you’re not alone.

Listen to the full episode now and hear why your AI should be more like JARVIS—and what happens when the bad guys figure that out first.

About
Latest Posts

Tony Bradley

Editor-in-Chief at TechSpective

I have a passion for technology and gadgets--with a focus on Microsoft and security--and a desire to help others understand how technology can affect or improve their lives. I also love spending time with my wife, 7 kids, 4 dogs, 7 cats, a pot-bellied pig, and sulcata tortoise, and I like to think I enjoy reading and golf even though I never find time for either. You can contact me directly at tony@xpective.net. For more from me, you can follow me on Threads, Facebook, Instagram and LinkedIn.

Related Posts