Report: 62% of Retail Cybersecurity Incidents Come From Automated Threats
Check out all the Smart Security Summit on-demand sessions here.
A 12-month analysis by Imperva Threat Research of security threats targeting retail reveals that attacks against websites, applications and APIs throughout the calendar year, and particularly during the season parties, constitute an ongoing business risk. 2022 State of Ecommerce Security Reportreveals automated threats including account takeover, credit card fraud, web scraping, data abuse APIs, Grinch bots and Distributed Denial of Service (DDoS) attacks caused 62% of security incidents for online retailers. This is more than double the percentage of automated attacks seen in other industries.
The rise of automated cyberattacksLast year, nearly 40% of traffic to retailer websites came from bots, operator-controlled software applications that perform automated tasks, often with malicious intent. Along with the continued increase in bot traffic, there is more sophistication in the bots attacking retailers, including a sharp increase in the percentage of attacks with their hidden sources, which are harder to detect and stop. In fact, attacks targeting online retailers from anonymity executives have increased from 3.5% to 32.9% over the past 12 months. In comparison, those attacks targeting other industries grew at a slower rate (from 1.6% to 13.6%).
Online retailers face higher security risks during the holiday shopping season. In 2021, bad bot traffic on e-commerce sites increased by 10% in October and another 34% in November. Additionally, Imperva estimates that a DDoS attack during the week of Black Friday can result in an average of 13 hours of site downtime.
Retailers, be careful with your APIsRetailers should also take care to protect their APIs. In 2021, API attacks increased by 35% between September and October, then increased again by 22% in November. This trend suggests that malicious actors are ramping up attacks during the holiday season, trying to use the API as a way to exfiltrate customer data and payment information.
EventOn-Demand Smart Security Summit
Learn about the essential role of AI and ML in cybersecurity and industry-specific case studies. Watch the on-demand sessions today.
Check out all the Smart Security Summit on-demand sessions here.
A 12-month analysis by Imperva Threat Research of security threats targeting retail reveals that attacks against websites, applications and APIs throughout the calendar year, and particularly during the season parties, constitute an ongoing business risk. 2022 State of Ecommerce Security Reportreveals automated threats including account takeover, credit card fraud, web scraping, data abuse APIs, Grinch bots and Distributed Denial of Service (DDoS) attacks caused 62% of security incidents for online retailers. This is more than double the percentage of automated attacks seen in other industries.
The rise of automated cyberattacksLast year, nearly 40% of traffic to retailer websites came from bots, operator-controlled software applications that perform automated tasks, often with malicious intent. Along with the continued increase in bot traffic, there is more sophistication in the bots attacking retailers, including a sharp increase in the percentage of attacks with their hidden sources, which are harder to detect and stop. In fact, attacks targeting online retailers from anonymity executives have increased from 3.5% to 32.9% over the past 12 months. In comparison, those attacks targeting other industries grew at a slower rate (from 1.6% to 13.6%).
Online retailers face higher security risks during the holiday shopping season. In 2021, bad bot traffic on e-commerce sites increased by 10% in October and another 34% in November. Additionally, Imperva estimates that a DDoS attack during the week of Black Friday can result in an average of 13 hours of site downtime.
Retailers, be careful with your APIsRetailers should also take care to protect their APIs. In 2021, API attacks increased by 35% between September and October, then increased again by 22% in November. This trend suggests that malicious actors are ramping up attacks during the holiday season, trying to use the API as a way to exfiltrate customer data and payment information.
EventOn-Demand Smart Security Summit
Learn about the essential role of AI and ML in cybersecurity and industry-specific case studies. Watch the on-demand sessions today.
What's Your Reaction?
