From Bots to Breaches: Top Cybersecurity Threats Facing Retail and E-Commerce

Online retail and E-commerce have revolutionized how we shop. Research from Capital One shows that in the United States, 273 million individuals shop online, around 80% of the country's total population. Any popular activity, especially money-related transactions, attracts malicious entities looking to exploit people, technology, or processes. VikingCloud's Retail Cyber Threat Survey found that 80% of retailers have experienced cyberattacks, and more than half believe they are at increased risk of attacks.
Ticketmaster: 560 million Customers For Sale on the Dark Web
Ticketmaster experienced a high-profile cyber breach that exposed sensitive user information and ticket data. The breached database contained the personal information of customers who had tickets to events in North America (U.S., Canada, and/or Mexico). The stolen data included email, phone numbers, and encrypted credit card information. The threat actor was identified as ShinyHunters after they offered the data and financial details of 560 million users on a hacker forum for $500,000. The initial compromise was believed to be caused by unauthorized access.
Top Cybersecurity Threats to the Retail and E-Commerce Sector

Retail and E-commerce, like many industry sectors, suffer from a blight of cyberattack types. However, attacks that focus on financial gain are typical of the sector. The following are the most common threats targeting the retail and E-commerce sector:
Retail Bot Attacks
Bots are the plague of retail and E-commerce. While bots buying tickets may not seem like a conventional cyberattack, the effects can be just as disruptive. Bots are automated software that can interact with a website, buying up products or tickets in bulk. The bots interrupt and disrupt normal sales, causing companies to lose customer trust, and can even push a company into non-compliance. Bots are often deployed during key seasons and product launches, when bot purchases can outnumber human ones. The results are inflated costs as the fraudsters behind the bots resell the tickets. Attackers may also manipulate websites. Scalper bots are used to buy tickets and sell them at increased prices; fans are left with the choice of no ticket or buying from the scalper sites for large sums of money.
[Figure: Bot Traffic: The New Majority on E-Commerce Platforms. Source: Radware]
Distributed Denial of Service (DDoS) Attacks
Another form of bot malware can also be used to cause DDoS attacks. Imperva research found that application-layer DDoS attacks on retail sites have increased by 61%. The result of a DDoS attack on an E-commerce site can be devastating, with the site becoming unusable.
Ransomware
Ransomware threats are as prevalent and disruptive in retail and E-commerce as in other sectors. Recently, several UK retailers were victims of a massive ransomware attack. The companies affected included Harrods, Co-op, Marks & Spencer (M&S), and Adidas. The affected companies had to close operations, many stopping online orders altogether to contain the threat. M&S had empty shelves as operations stalled. Consequently, M&S warned of a $405 million loss. The gang behind the attack is believed to be the RansomForce hacking group. RansomForce is known to use phishing emails and stolen credentials to gain initial access.
Credential Stuffing Attacks
Research shows that people reuse passwords 64% of the time. The problem that this causes has a broad scope through the method known as credential stuffing. The cyberattackers that use this technique buy up vast quantities of stolen login credentials from dark web marketplaces, then use automation software to test the passwords against websites that require sign-in, including retail and e-commerce sites. Credential stuffing leads to account takeovers and fraud. An article by TotalRetail magazine points to a Ponemon report that identified an average loss of $6 million per year from credential stuffing. Losses were attributed to lost customers, increased IT costs, and other issues.
Data Theft
Retail and e-commerce companies hold sensitive customer data and financial information. Data theft, either by direct data compromise or via ransomware attacks, is used to extort money or commit fraud and identity theft.
Supply chain attacks and insecurities
Etsy, TikTok Shop, Poshmark, and Embroly were victims of a massive data exposure incident that affected 1.6 million customer records. The cause was identified as a misconfigured Microsoft Azure storage container linked to a Vietnam-based embroidery seller. Supply chain insecurities can impact the entire chain and its customers. Poor security practices place sensitive customer information at risk of being publicly accessible. Once exposed, customer data is then used for follow-on attacks, including phishing and social engineering.
API Attacks
E-commerce and retail are part of a wide web of interconnected APIs that provide various capabilities to the online ecosystem. Cybercriminals target API vulnerabilities during various cyberattacks, including DDoS and man-in-the-middle (MitM) attacks. API attacks can expose sensitive data, manipulate online sites, and prevent sales.
Cybersecurity Challenges in Retail and E-Commerce

The e-commerce and retail sector has unique challenges that make it vulnerable to attack. A report into sector cybersecurity challenges by VikingCloud attributed the following issues to increased security risk:
- Employee shortages and turnover (50%): A lack of oversight of past employees who may retain login credentials can leave a company at risk of unauthorized access to data and other IT resources.
- Limited internal IT resources (52%): A lack of skilled staff to enforce security measures.
- Temporary and seasonal workers (46%): Poorly controlled access rights and over-privileged users can open security gaps.
In addition to the above unique challenges, the sector holds large volumes of customer data and financial details, making it an attractive target for data-focused cyberattacks.
The e-commerce model also means that retailers have always-on risk associated with payment transactions, putting them in the sights of fraudsters.
Downtime Costs
Attacks like DDoS and ransomware cause significant impacts on production and distribution. Downtime has a significant financial impact in an industry that relies on smooth and seamless operations. The VikingCloud report found that 68% of retailers report that business downtime or operational disruptions are the most likely outcome of a cyberattack. The average cost of downtime for a retailer is $5,600 per minute. At a B&M store, a single unusable POS costs $855 per hour.
Financial Fraud
Retail and e-commerce are ideal targets for fraudsters, as they handle large volumes of financial transactions. Account takeovers, identity theft, and intercepted transactions lead to staggering levels of transaction fraud. An analysis of the situation from Juniper Research found that by 2028, the cost of financial fraud is forecast to rise to $91 billion annually.
Reputation Damage
The reputational damage to a company from a cyberattack is difficult to quantify. However, retail and e-commerce companies affected by any form of cyberattack can lose customer trust. Ticketmaster, for example, has faced legal actions and lost customer trust since the cyberattack exposed 560 million customers' data.
Regulations Impacting the Retail and E-Commerce Sector

There is a complex matrix of laws and regulations covering retail and e-commerce in the USA. As such, no single principal data protection legislation covers the retail and e-commerce sector in the United States. However, the Federal Trade Commission Act (FTCA) and the US Federal Trade Commission (FTC) have broad oversight of the sector and its data protection obligations. Some examples of federal and state regulations are as follows:
- California Consumer Privacy Act (CCPA): The CCPA is California's data privacy law that covers the collection, use, disclosure, and processing of the personal information of CA residents. Similar laws are springing up in other US states, including Nebraska, Colorado, and Texas.
- INFORM Consumers Act: Affects some, but not all, online marketplaces. The marketplaces are required to verify the identities of high-volume third-party sellers on their platforms.
- Children's Online Privacy Protection Act (COPPA): A federal law affecting digital and online service providers that stipulates requirements to protect the privacy of children under the age of 13.
Mitigating Cybersecurity Risks: Best Practices
The variety of cyberattacks targeting retail and e-commerce means that the sector must use multiple layers of protection to cover all the exploit points:
Robust Customer Identity Management
Phishing-resistant MFA and other anti-phishing measures are useful to help prevent both employees and customers from becoming victims of account takeovers and unauthorized access. Add to this risk-based policies that trigger additional authentication based on IP geolocation and device fingerprinting. One Identity provides identity security solutions for retail and e-commerce.
Enforce Encryption Use
Ensure that any data stored or transferred is encrypted. Use HTTPS for any customer-facing websites that require login or handle financial transactions.
Anti-Fraud Solutions
Financial transactions are at risk of fraud. Anti-fraud solutions include Know Your Customer verification checks (KYC), AI-enabled solutions that help detect fraud using machine learning, and software that looks for behavioral patterns that indicate anomalous and malicious activity.
Backup and Restore
To mitigate the impact of a ransomware attack, ransomware-resistant backup and restore solutions should be deployed.
Security Awareness Training
Security awareness training builds a culture where understanding security issues is part of everyday work. However, VikingCloud research shows that 78% of temporary employees did not receive social engineering training. This leaves a gap in security knowledge that cybercriminals can exploit. Employ security awareness training across the workforce and create suitable training for temporary employees. There are many vendors offering security awareness training for the sector, including TitanHQ.
Dark Web Monitoring
Data stolen from retailers and e-commerce sites' customers typically ends up on the dark web. This data is then sold to other cybercriminals or used to extort money from the business. Company information and system vulnerabilities are often discussed on the dark web to target companies in the sector; cybercriminals use forums to share sensitive data, sell access to systems, and launch cyberattacks. Sentinex is a tool that provides deep insight into the dark web, helping companies to identify potentially stolen data and potential incoming threats.
Account Monitoring
Cyber threats are continuously evolving. Solutions that offer continuous monitoring of accounts can identify rogue access events, unusual account behavior, and other indicators of cyberattacks.
Anti-Bot Tools
Preventing bot activity is vital for e-commerce. Vendors like Imperva offer integrated tools that help identify and stop sophisticated automated bots.