In the ever-evolving landscape of online commerce, retailers worldwide are facing an escalating threat in cybersecurity. Recent data indicates that 60% of attacks targeting these businesses involve commercial logic, surpassing the global average of 37%. This alarming trend highlights the growing challenges the e-commerce sector is grappling with on a global scale.
Moreover, a substantial portion of unwanted traffic on retail sites globally is now linked to advanced bots, surpassing the worldwide average of 53%. These ‘bad bots’ pose a significant security issue online, often utilized for malicious activities.
The evolution of attacks is also concerning. Over the last 12 months, there has been a staggering fourfold increase in level 7 DDoS attacks on global retailers. Additionally, application-layer DDoS attacks have surged nearly tenfold during the Christmas shopping period compared to the previous year. These automated attacks, particularly those targeting the commercial logic of applications, pose a major threat to businesses.
Cybercriminals seek to exploit vulnerabilities in applications, APIs, and data within the e-commerce sector, with potentially disastrous consequences for targeted companies.
Karl Triebes, SVP and GM of Application Security at Imperva, warns, “The security risks faced by the e-commerce sector are becoming increasingly sophisticated, automated, and challenging to detect. This advanced automation can significantly impact retailers’ financial performance, jeopardizing end-of-year sales.”
The outlook for the 2023 holiday season also raises concerns on a global scale. A recent surge in malicious bot attacks, notably on e-commerce sites based in the United States and worldwide, suggests a potential disruption of sales during Black Friday and Cyber Monday. Application-level DDoS attacks are on the rise compared to the same period in the previous year, further exacerbating risks for the holiday season across the globe.