NRF Continues Grassroots Efforts to Pass 'Combating ORC Act'
Why Congress should pass organized retail crime-fighting legislation this year

Join NRF's grassroots efforts to pass the Combating Organized Retail Crime Act

Organized retail crime continues to impact the retail industry at alarming rates. In response to this growing challenge, NRF is advocating for passage of the Combating Organized Retail Crime Act - CORCA (S. 140/H.R. 895), a bill that would increase federal coordination with state and local law enforcement to fight retail crime.

Momentum is gaining in Congress to pass CORCA, thanks to NRF's advocacy efforts - including Fight Retail Crime Day, which mobilized the retail industry to raise awareness of the urgent need for Congress to act. While the momentum from this day was positive, retailers and local communities need Congress to finish the job and pass CORCA before the end of the year. Here are three reasons why Congress should pass CORCA this year.

Federal legislation to address ORC cannot wait

Organized retail crime is a dangerous and widespread problem and addressing it through federal legislation cannot wait. These crimes not only have an economic impact on retailers, but also a broader effect in terms of the safety of store employees and customers.

Increased federal coordination is critical to fight retail crime

Law enforcement agencies across jurisdictions often lack sufficient resources to quickly catch and prosecute retail criminals. That's why CORCA establishes a new Organized Retail Crime Coordination Center to combine expertise and resources from federal, state and local law enforcement agencies and retail industry representatives to curb organized retail crime.

CORCA is widely supported

CORCA is broadly supported both by the retail community and Congress. Virtually all (93%) retailers are in support of federal ORC legislation, as reported in NRF's 2023 National Retail Security Survey. In Congress, CORCA has the growing support of more than 130 bipartisan co-sponsors who have been recognized by NRF as Congressional Retail Crime Fighters.

Join NRF in pushing for passage of the Combating Organized Retail Crime Act through our grassroots alert. nrf.com


Chicago ORC is 'Funding Violent Crime' & 'Killing the Psyches' of Retailers
Cook County sheriff's task force uses all means to bust ORC in Chicago
The Cook County Sheriff's Office's Organized Retail Crime Task Force is cracking down on thefts and burglaries that have been plaguing shopping districts across the Chicago area.

The task force isn't only responding to thefts on retail strips such as the Magnificent Mile or making arrests. They are working directly with businesses to understand what they are dealing with-and what they can do to help.

Cook County Sheriff Tom Dart said the task force started its work about a year ago amid worsening organized retail theft. "There's a lot more organized operations now than have ever really been around," Dart said. "It's really killing the psyche of the primary retail district of the city of Chicago."

With retail crime so connected to so much more - including funding violent crime-across the Chicago area, Dart said there is a larger impact than what is known to be a nearly 30% vacancy rate in the Mag Mile-the city's prime shopping district.

The task force will continue their work to bust retail theft crews and curb their crimes, with a focus on the Mag Mile and Oak Street. But the task force is working across the city. So far this year, the task force has made 290 arrests this year, and more than 65 felony arrests.

Efforts from the Illinois Attorney General, Cook County prosecutors

State law now allows the Illinois Attorney General's office to charge criminal organizations that engage in multi-county criminal conduct under a statewide grand jury. The office can also charge someone with a felony wen using violence to commit retail theft, or when acting as a manager for a criminal organization.

The Attorney General's office launched a statewide Organized Retail Crime Task Force in 2021, as the first public-private collaboration of its kind in Illinois. The office has also funded more than 70 police departments' efforts to fight retail crime. cbsnews.com


Some SF Businesses May Be Forced to Reduce Hours to Curb Crime
SF Mayor Breed to propose retail curfew aimed at curtailing crime in the Tenderloin
San Francisco Mayor London Breed announced plans on Tuesday to institute a curfew in a part of the Tenderloin in order to help curb crime in the area, the Mayor's office confirmed.

Breed will introduce legislation to the Board of Supervisors later today. The legislation would prohibit some retail businesses that sell prepackaged food or tobacco products from operating after midnight and before 5 a.m.

The San Francisco Police Department supports the plan. "Our challenges still occur at night," said Assistant Chief David Lazar. "Crowds of people who are there selling stolen property, selling narcotics. We have drug users all over. And the problem is that when you have businesses that are open, like liquor stores and smoke shops, it just attracts more people."

The Mayor's office says this legislation is meant as another tool to help combat drug-related crime in the Tenderloin, which negatively impact residents nearby. Residents have complained that the late-night operations of retail shops are likely contributing to the drug markets in the Tenderloin.

Benson said he hopes the city could step in and help businesses that might have to cut their hours, but he thinks that the curfew could help in areas where drug users and dealers congregate.

"The police have been much more active, the (Department of Public Works) has been out helping the cleanup effort," said Benson. "But, it seems to be mostly a daytime effort. At nighttime, it's still the wild west."

The ordinance would also allow the San Francisco City Attorney to file a lawsuit against any store that repeatedly stays open during the curfew. Breed's office says this is not aimed at punishing small businesses but at improving the area for residents.  ktvu.com


Canada Battling Same ORC Surge as the U.S.

Shoplifting Surged 31% in Canada from 2021 to 2022
Why the rise in shoplifting? Blame our addiction to online shopping
According to Statistics Canada, rates of shoplifting jumped 31 per cent in 2022 compared with 2021. The Retail Council of Canada says some of its largest members are reporting a 300-per-cent increase in thefts since 2020. Toronto police and the council both estimate the value of retail crime in Canada exceeds $5-billion a year.

A more immediate harm is an uptick in violence: Toronto Police Chief Myron Demkiw estimates two out of five organized retail thefts involve violence, very often directed at some of Canada's most vulnerable workers, such as youth and recent arrivals.

At its heart are profound shifts in market structures that have rendered retail theft too profitable for organized crime to resist.

Sure, many retail thieves appear to be motivated by drug dependency: A very large number of lower volume and value thefts are being committed in areas with high concentrations of opiate sales and use - notably, for example, in Vancouver's Downtown Eastside and Edmonton's Northeast.

However, a smaller number of high-volume and value thefts account for the bulk of growth in the dollar value and violence associated with retail crime since the pandemic. And this is where our love for online shopping comes in.

It may not readily appear so, but cyberspace retail is often the domain of organized crime, where a small number of front-line gang members (who are often youth) are recruited or coerced into "shelf-clearing" service by larger, highly organized crime syndicates that move products through a vast network of physical markets overseas and online markets everywhere.

Such crime syndicates are adept at responding to new avenues for extraordinary profit, or "arbitrage opportunities." Of greater importance than pandemic-driven shifts in general social attitudes, has been a mass shift in consumer habits: Shoppers across the socio-economic spectrum have become more comfortable buying a wide variety of electronic, household, medicinal and food products online.

Statistics Canada reports that online shopping surged by 99.3 per cent in the first three months of the pandemic alone in 2020. theglobeandmail.com


More Law Enforcement Agencies Conduct ORC Sting Operations
San Bernardino County Sheriff Department Targets Retail Crime with "Operation Smash & Grab"
In a crackdown against rampant retail theft, the San Bernardino County Sheriff's Department spearheaded a major operation tagged as "Operation Smash & Grab" at Victoria Gardens Shopping Center, officials said. Ironed out with cooperation from a host of law enforcement agencies, including Homeland Security Investigations and California Highway Patrol, the operation took place on April 19, 2024, resulting in a haul of felony and misdemeanor arrests.

With a keen eye on organized crime rings accused of intimidating the public, law enforcement made six felony arrests while collaring another seven on misdemeanor charges. According to a report circulated by the department, property worth $10,926.60 was recovered in the sting operation. It's been a fight to hold at bay the band of criminals believed to douse local stores in crime since November last year when the uptick in retail thefts became obvious.

The terror inflicted by these thieves on residents and their shopping experiences, using "intimidation tactics and a mob mentality," is what triggered the response from local authorities, as documented by the San Bernardino County Sheriff's Department. The porous district encompassing Rancho Cucamonga, Apple Valley, and other neighboring consumer hubs has been under particular focus, with law enforcement aiming to rattle the operations of these theft crews. hoodline.com


Slate of Tenn Bills "Targeting Memphis Public Safety & Proactive Approach to Tackling Crime"
Tenn Bills Introduced "Peeling Back Bail-Reform Efforts"
Signed by Lee on March 27, it requires judicial commissioners to first consider the safety of the community when determining a defendant's bail. Commissioners already consider a defendant's threat to public safety as one of several factors when determining bail. Others include whether they are a flight risk and, currently, their financial situation.

But financial considerations may not be a factor long as another bill, SB2565, would remove them when determining a defendant's bail. Critics have suggested the legislation could be unconstitutional.

The bill cleared the full Senate Tuesday and awaits a vote in the full House. dailymemphian.com


Californians are worried about crime, setting the stage for a ballot measure showdown

Ireland: Report highlights true extent of retail crime in north
 

Cybersecurity Incidents Are Getting Detected Faster
Organizations were able to detect intrusions within a median of 10 days in 2023, compared with 16 days in 2022.

Enterprises are getting better at detecting security incidents

Google Cloud's Mandiant saw significant improvements in how organizations track down threats, yet hackers are still abusing common threat vectors.

Global median dwell times - measured as the time that hackers remain undetected inside a targeted environment - have fallen to their lowest levels in more than a decade, according to the annual M-Trends report from Google Cloud's Mandiant, released Tuesday.

Organizations were able to detect intrusions within a median of 10 days in 2023, compared with 16 days in 2022. Notably the largest improvements came in the Asia-Pacific region, where median dwell times fell to nine days in 2023, compared with 33 in 2022.

Zero-day vulnerabilities are a hot target for espionage actors as well as financially motivated threat groups. Zero-day usage rose 50% in 2023, compared with the prior year.

The 15th annual M-Trends report showed network defenders are making progress in their ability to detect intruders, however Mandiant researchers cautioned organizations to remain vigilant. Attackers are using living-off-the-land techniques, abusing edge devices and using other sophisticated methods to mask their malicious activities.

"Attackers regularly adjust their tactics, techniques and procedures in order to achieve their objectives, which can be challenging for defenders," Jurgen Kutscher, VP of Mandiant Consulting at Google Cloud, said in a statement. "Despite this, our frontline investigators have learned that organizations have done a better job in 2023 of protecting systems and detecting compromises."  cybersecuritydive.com


Zero Trust Being Adopted By Businesses Globally
Majority of businesses worldwide are implementing zero trust, Gartner finds

Programs are typically sponsored by C-suite executives, while the CISO is often tasked with execution, according to Gartner.

Almost two-thirds of organizations across the globe have either fully or partially implemented zero-trust strategies, according to a report released Monday by Gartner based on a survey of 303 security leaders.

Of organizations that have fully or partially implemented zero trust, 4 in 5 have strategic metrics to measure their success. Of those, the vast majority - 9 in 10 - have metrics available to measure risk.

Following a zero trust implementation, 3 in 5 organizations anticipate costs will rise and 2 in 5 expect staffing requirements will likely increase, Gartner found.

More companies are adopting zero trust security strategies following a rapid rise in malicious cyberattacks. The shift toward remote or hybrid work environments, where a larger percentage of employees are based out of the office throughout the week, has also advanced zero trust adoption.

In about half the cases, the zero trust strategy involved a combination of older security technologies with new ones added, according to John Watts, VP analyst and key initiative leader at Gartner. About 30% use existing technologies, while the 20% of cases involve implementing new technologies. cybersecuritydive.com


Security Vendor Downplays Device Vulnerability
Palo Alto Networks quibbles over impact of exploited, compromised firewalls

The security vendor downplayed the impact of exploit activity, describing most attempts as unsuccessful, but outside researchers say 6,000 devices are vulnerable.

The fallout from zero-day exploits targeting organizations using Palo Alto Networks' firewalls is expanding as researchers observed several thousand vulnerable devices containing evidence of varying levels of exploitation.

Shadowserver scanned for the existence of files left behind by attackers' exploits on Saturday and discovered 6,634 devices it deemed vulnerable and likely exploited, the nonprofit cybersecurity research foundation said in an analysis released Sunday. The number of vulnerable Palo Alto Networks devices dropped below 6,000 on Monday.

But Palo Alto Networks questioned the veracity of Shadowserver's findings and said few exploits resulted in significant compromises. cybersecuritydive.com
 

5 Hard Truths About the State of Cloud Security 2024

US Gov Slaps Visa Restrictions on Spyware Honchos