The rise in the number of automated assaults is causing problems for the e-commerce business

According to Imperva's research, the most significant risk for online merchants is posed by automated assaults on application business logic. These attacks are carried out by sophisticated malicious bots.

Automated assaults directed against Internet merchants

In addition, there was a considerable danger of account takeover, distributed denial of service assaults, API misuse, and client-side attacks.

Cybercriminals continue to focus their attention on the e-commerce sector because of the rich opportunities it presents. Online retailers are becoming more susceptible to client-side assaults and business logic misuse since their platforms are built on a large network of API connections and dependence on third parties. Cybercriminals with a motive are willing to hack user accounts in order to steal personal data and financial information.

During the holiday shopping season, the number of security incidents increases.

If a security breach is successful, it may result in increased infrastructure and support expenses, reduced online services, and eventually consumer turnover. Although these security threats remain constant over the course of the calendar year, the number of assaults often reaches its highest point during the Christmas shopping season.

"The security risks that the retail industry faces are more sophisticated, automated, and harder to detect," says Karl Triebes, SVP and GM, of Application Security, for Imperva. "The retail industry faces more sophisticated, automated, and difficult-to-detect security risks." It is reasonable to be concerned about the dramatic rise in the level of complexity of bots over the course of the last year. This kind of automation is more difficult to thwart and is possible to exploit business logic, launch attacks on APIs, and take control of user accounts. It is possible that this may have an effect on the bottom line of susceptible shops and will hinder their sales at the end of the year.

Business logic attacks, in which an application or API's intended functionality and procedures are exploited rather than the technical vulnerabilities of the application or API, were by far the most prevalent kind of attack carried out against retail websites during the last year. In the retail industry, attackers will attempt to take advantage of business logic in order to manipulate prices or get access to items that are forbidden.

This year, business logic assaults accounted for 42.6% of all attacks against retail websites, which is an increase over the previous year's total of 26% during the same time period. There is a correlation between the growth in the number of business logic assaults over the previous year with the increasing percentage of traffic to retail websites that originates from APIs (45.8%, up from 41.6% the year before).

The vast majority of assaults on business logic are automated, and their primary emphasis is often on exploiting API access points. 17% of all attacks against APIs were carried out by malicious bots making inappropriate use of business logic. It is difficult to apply a general rule and presume that all application and API deployments are safe since attack patterns to monitor for these exploitations do not exist, and it is also impossible to monitor for them.

Over fifty percent of all automated traffic is generated by malicious bots.

First time ever that more than fifty percent of malicious bot traffic on retail websites was related with advanced bots, which are automation that is more difficult to identify and stop. This sort of smart bot is able to circumvent even the most fundamental safeguards and carry out assaults that are both hazardous and disruptive. When compared to previous years, it is difficult to ignore how much more sophisticated bots have become.

Comparatively, in 2021, just 23.4% of bots were considered to be of the same level of sophistication as those in 2022 (31.1% of bots were sophisticated). Grinch bots, which are an advanced species of scalping bots, are known to often interfere with Christmas sale events and product drops. They research the available stock online and buy the things that are expected to be the most popular during the next season with the intention of reselling them at a big profit margin.

Account takeover is a form of attack that is carried out by hackers with the intention of compromising internet accounts by using usernames and passwords that have been obtained. Imperva saw an increase in the frequency of ATO occurrences before to and during the Christmas shopping season of 2022. The number of attacks reached its highest point in December, after climbing by 12% in October. Although the danger is higher during the Christmas season, 15% of login requests across all websites are related with ATO attempts, highlighting the fact that this risk is a chronic one for the retail industry.

Threats to client-side security include methods such as magecart, formjacking, and others for stealing sensitive information from websites. In most cases, these attacks are carried out by inserting malicious JavaScript into first-party code or the code of third-party services that are utilized on legal websites. This is referred to as the software supply chain.

During the Christmas shopping season of 2023, there will be an increase in attacks on internet merchants.

On the client side, an average of about 400 resources are loaded for each retail location. To put it in perspective, that is approximately twice the amount that is placed into the websites of other sectors. Once a system has been breached, attackers have the ability to utilize sophisticated automation to track mouse movements and keystrokes, harvest cookies, or impersonate users, all of which may result in a data breach that is both long-term and destructive.

In 2023, cybercriminals will place a significant emphasis on application layer (Layer 7) DDoS, with the intention of either interrupting applications or bringing them down entirely. The month of November 2022, which coincided with Black Friday and Cyber Monday, saw one of the most significant application layer (layer 7) assaults that Imperva tracked. These assaults are often launched by enormous networks of automated bots or infected devices, which are collectively referred to as botnets.

There are a lot of signs that point to an increase in the amount of assaults carried out against online shops during the Christmas shopping season of 2023.

Since July, the number of malicious bot assaults on retail websites has climbed by 14%, with the majority of attacks happening on ecommerce websites situated in the United States, followed by those based in France. There is a good chance that the spike in automated assaults will go on through Black Friday and Cyber Monday. It's possible that Grinch bots may be engaged in the disruption of Christmas sales events and restricted product debuts again this year.

Since the first of September, there has been an increase in the number of application layer DDoS assaults in comparison to the same time last year. This highlights the recurring pattern of hackers boosting the frequency of their attacks at the start of the Christmas shopping season.

Post a Comment