Cybersecurity leader Imperva has released its State of Security Within E-Commerce report, which highlights the cybersecurity attack risks facing the retail industry and the impact of Covid-19 on the volume of attacks and web traffic.
The findings suggest peak levels of traffic will be seen throughout the holiday shopping season as many consumers turn to online channels to purchase goods.
Shortly after people were ordered to stay at home, web traffic to retail sites spiked as much as 28% over the weekly average, eclipsing record peaks from the 2019 holiday shopping season, the Imperva Cyber Threat Index showed.
Cybercriminals capitalised on the shift to remote working by launching bad bot attacks and DDoS attacks to disrupt online activities. As retailers prepare for a surge in online holiday shopping amid the pandemic, Imperva experts urge vigilance and preparedness on the part of online businesses.
The holiday shopping season is a crucial revenue period for retailers every year, but in 2020, they face a two-pronged threat: managing unprecedented levels of human and attack traffic to websites and APIs, Imperva applications security strategist Edward Roberts said.
“As Covid reshuffled lives and daily habits, shoppers swarmed online retail sites at record levels. Amid this historic holiday shopping season, the retail industry is likely to experience a peak in human traffic that exceeds anything measured this year and unlike anything in recent memory. The question is how many attackers are going to hide within this expected traffic spike?”
Imperva’s research shows that retailers face a myriad of complex cybersecurity threats, which have been compounded by the global pandemic.
“However, managing a stack of point solutions to address each of these unique risks is a challenge for lean security teams. Instead, they should invest in an integrated platform, like Imperva Application Security, that provides protection against the leading attacks and optimises web performance, helping businesses operate more efficiently and securely,” Roberts added.
The Imperva report highlighted six common cyberattack trends:
Bad Bots: Malicious automated attacks are a top threat to online retailers. The majority of the attacks (98.04%) on online retailers detailed in the report originate from automated bot activity. Simple bots are used in almost half (44.15%) of these attacks and function by connecting to a single, ISP-assigned IP address. Bots are also increasingly used by retailers for price scraping and inventory tracking to keep an eye on industry rivals.
API Attacks: The volume of attacks on retailers’ APIs far exceeded average levels this year. The retail industry is an attractive target for cybercriminals because retailers retain sensitive payment data. According to Imperva researchers, the leading attack vectors for retail API attacks in 2020 are cross-site scripting (XSS) (42%) and SQL injection (40%).
Web Attacks: Cyberattacks targeting websites have already reached record levels so far in 2020. Imperva finds the three most common attacks to be remote code execution (RCE) (21%), data leakage (20%) and cross-site scripting (XSS) (16%). Most of these attacks in the last 12 months (49%) were carried out against retail websites hosted in the US by attackers using anonymity frameworks, a common method for concealing a bad actor’s identity from the target.
DDoS Attacks: Imperva researchers have seen an increase in the volume and intensity of DDoS attacks throughout 2020. Imperva researchers monitored an average of eight application layer DDoS attacks a month against online retail sites, with a significant peak occurring in April 2020, as demand for online shopping grew.
Account Takeover (ATO) Attacks: Online retailers experienced more than twice (62%) as many ATO attempts as any other industry this year. Criminals use considerably more (79%) leaked credentials to defraud retail targets because it typically guarantees a higher success rate, Imperva researchers have found.
Client-Side Attacks: Many online retail sites are built on CMS frameworks with third-party plugins. On average, 31 JavaScript resources are used per site, making retailers vulnerable to forms of supply chain fraud such as formjacking, data-skimming and Magecart attacks.