Retailers can anticipate a surge in bot-driven account takeovers (ATOs), DDoS assaults, card fraud and extra as they put together for the busiest procuring interval of the yr, a brand new report has warned.
Imperva’s State of Safety Inside eCommerce 2022 report was compiled from information based mostly on the seller’s engagements with purchasers within the sector.
It discovered that 40% of site visitors on retailers’ web sites over the previous 12 months got here from bots – automated software program that’s typically malicious in intent. Automated threats brought on 62% of safety incidents within the interval.
Bot-related assaults on retail websites surged 10% in October and one other 34% in November 2021, suggesting that bot operators will once more improve their exercise across the peak procuring interval this yr.
This contains ATO assaults, 64% of which had been linked to unhealthy bots final yr, utilizing methods similar to credential stuffing, the place beforehand breached passwords and usernames are tried towards completely different accounts throughout the online.
One other standard tactic is utilizing bots to purchase up in-demand stock after which promoting it on at a revenue.
DDoS assaults are a perennial risk for retailers, who may lose tens of millions throughout busy procuring durations if their web sites and apps are taken offline.
Imperva revealed that the variety of assaults higher than 100 Gbps doubled year-on-year in 2021, and assaults bigger than 500 Gbps elevated by 287%.
It added that organizations focused by an assault are sometimes hit once more inside 24 hours – 55% of websites focused by an application-layer DDoS and 80% by a network-layer DDoS had been attacked a number of occasions.
The report additionally highlighted the risk from uncovered APIs, which could possibly be used as a conduit for stolen cost information.
As soon as once more, the vacation procuring interval noticed a spike in exercise final yr. In 2021, API assaults elevated by 35% between September and October, after which elevated one other 22% month-on-month in November.
“The vacation procuring season is a crucial interval for the retail business, and safety threats may undermine retailers’ backside line once more in 2022,” mentioned Lynn Marks, Imperva senior product supervisor.
“This business faces quite a lot of safety dangers, nearly all of that are automated and function across the clock. Retailers want a unified strategy to cease these persistent assaults, one which focuses on the safety of knowledge and is supplied to mitigate assaults rapidly with out disrupting consumers.”
