Retailers can count on a surge in bot-driven account takeovers (ATOs), DDoS assaults, card fraud and extra as they put together for the busiest buying interval of the 12 months, a brand new report has warned.
Imperva’s State of Safety Inside eCommerce 2022 report was compiled from knowledge based mostly on the seller’s engagements with purchasers within the sector.
It discovered that 40% of visitors on retailers’ web sites over the previous 12 months got here from bots – automated software program that’s usually malicious in intent. Automated threats precipitated 62% of safety incidents within the interval.
Bot-related assaults on retail websites surged 10% in October and one other 34% in November 2021, suggesting that bot operators will once more improve their exercise across the peak buying interval this 12 months.
This contains ATO assaults, 64% of which have been linked to dangerous bots final 12 months, utilizing methods similar to credential stuffing, the place beforehand breached passwords and usernames are tried towards completely different accounts throughout the net.
One other fashionable tactic is utilizing bots to purchase up in-demand stock after which promoting it on at a revenue.
DDoS assaults are a perennial risk for retailers, who may lose thousands and thousands throughout busy buying durations if their web sites and apps are taken offline.
Imperva revealed that the variety of assaults better than 100 Gbps doubled year-on-year in 2021, and assaults bigger than 500 Gbps elevated by 287%.
It added that organizations focused by an assault are sometimes hit once more inside 24 hours – 55% of web sites focused by an application-layer DDoS and 80% by a network-layer DDoS have been attacked a number of occasions.
The report additionally highlighted the risk from uncovered APIs, which may very well be used as a conduit for stolen cost knowledge.
As soon as once more, the vacation buying interval noticed a spike in exercise final 12 months. In 2021, API assaults elevated by 35% between September and October, after which elevated one other 22% month-on-month in November.
“The vacation buying season is a crucial interval for the retail business, and safety threats may undermine retailers’ backside line once more in 2022,” mentioned Lynn Marks, Imperva senior product supervisor.
“This business faces quite a lot of safety dangers, nearly all of that are automated and function across the clock. Retailers want a unified strategy to cease these persistent assaults, one which focuses on the safety of knowledge and is provided to mitigate assaults shortly with out disrupting consumers.”
