Retailers Take Notice: Automated Threats Cause 62% of Security Incidents

Retailers Take Notice: Automated Threats Cause 62% of Security Incidents

By Stefania Viscusi

Digital security solutions provider Imperva recently released its “The State of Security Within eCommerce 2022” report which found persistent security threats plaguing online retailers.

More specifically, automated threats -- from account takeover, credit card fraud, web scraping, API abuses, Grinch bots, and distributed denial of service (DDoS) attacks -- have been an ongoing and increasingly consistent challenge for the eCommerce industry. What’s worse, the potential for these attacks is threatening online sales and customer satisfaction levels and is leaving online retailers in a bad place for sales and future growth.

While in many industries, human error is blamed for security incidents, it’s a different story in eCommerce. The types of automated threats they’re seeing are not coming from human users, in fact, but bots and software applications that are dispersed with malicious intent to run automated tasks.

Right now, with the holiday shopping season already in full swing, online retailers must be especially vigilant about these attacks and risks. One of the most popular automated attacks happening during the holiday season is the aptly named Grinch bot, which uses software to hoard and scoop up high-demand items so consumers have a hard time finding them online.

“The holiday shopping season is a critical period for the retail industry, and security threats could undermine retailers’ bottom line again in 2022,” says Lynn Marks, Senior Product Manager, Imperva. “This industry faces a variety of security risks, the majority of which are automated and operate around the clock. Retailers need a unified approach to stop these persistent attacks, one that focuses on the protection of data and is equipped to mitigate attacks quickly without disrupting shoppers.”
 

Abuse of APIs is also becoming a common security risk for retailers. They are used to enable applications to share data and invoke digital services, but some of the traffic is directed to undocumented or Shadow APIs and become vulnerable during things like botnet flood with unwanted traffic is sent into vulnerable applications for an attack on customer data and payment information. The use of these methods is especially high during holiday seasons, when online shoppers are doing more buying than usual.

Malicious bots found on retail sites have grown from 23.4 percent last year to 31.1 percent in 2021.

Another automated threat, a distributed denial of service (DDoS) attack, attempts to disrupt critical business operations by flooding malicious traffic into the network or application infrastructure.

According to findings in Imperva’s report, DDoS attacks in 2022 are larger and stronger across all industries. Fifty-five percent of websites were hit by an application layer DDoS and 80 percent were hit by a network layer DDoS and attacked multiple times.




Edited by Erik Linask
Get stories like this delivered straight to your inbox. [Free eNews Subscription]
SHARE THIS ARTICLE
Related Articles

More Partners Look to Offer AI/ML Solutions, a Potential New Revenue Stream

By: Greg Tavarez    12/1/2023

A recent TD SYNNEX report revealed that 37% of partners have already incorporated AI/ML solutions into their offerings, and an additional 40% of partn…

Read More

Accenture Expands Footprint, Capabilities in Spain with Innotec Security Acquisition

By: Greg Tavarez    11/30/2023

Accenture expanded its capabilities and footprint in Spain, where 70% of CEOs from large organizations are concerned about their organizations' abilit…

Read More

Majority of Organizations Unprepared to Handle Targeted Cyberattack

By: Greg Tavarez    11/30/2023

The majority of CISOs and 53% of CEOs believe that their organization is unprepared to cope with a targeted cyberattack in the next 12 months, accordi…

Read More

Majority of IT Decision-Makers Opt for Service Provider Support in Cloud Migrations

By: Greg Tavarez    11/30/2023

Many IT leaders say they rely on service provider assistance for successful cloud migrations, according to a recent RapidScale study.

Read More

Alef and Frontera Collaborate and Expand Private Mobile Networks Platform Reach in Schools

By: Greg Tavarez    11/29/2023

Alef recently teamed up with Frontera Consulting Group to provide equal access to quality education, regardless of a student's economic background.

Read More