A new report has laid bare the cybersecurity risks facing the online retail sector as it gears up for another Black Friday (opens in new tab) shopping spree. The
Resarch from Imperva suggests that record traffic levels, driven by both the coronavirus pandemic and the holiday shopping season, as well as several concerning attack trends could wreak havoc for online customers.
According to Imperva, web traffic to retail sites surged by as much as 28% above the weekly average after stay-at-home orders were issued by governments earlier this year. Realizing that more individuals would be forced to carry out their shopping online, cyberattackers have renewed their efforts to carry out malicious activities.
- Keep your network secure with the best endpoint protection (opens in new tab) software
- We've put together a list of the best malware removal (opens in new tab) software
- Also check out our roundup of the best ransomware protection (opens in new tab)
“The holiday shopping season is a crucial revenue period for retailers every year, but in 2020, they face a two-pronged threat: managing unprecedented levels of human and attack traffic to their websites and APIs,” Edward Roberts, Application Security Strategist at Imperva, explained.
“As COVID reshuffled lives and daily habits, shoppers swarmed online retail sites at record levels. Amid this historic holiday shopping season, the retail industry is likely to experience a peak in human traffic that exceeds anything measured this year and unlike anything in recent memory. The question is how many attackers are going to hide within this expected traffic spike?”
Record threat levels
Several concerning attack patterns have been spotted targeting online retail of late. The first, and most persistent, involves automated bot attacks. Sometimes these are deployed specifically to cause disruption but, increasingly, retailers are also using them to spy on their competitors.
Imperva also notes that API and web attacks have both been viewed at record levels this year, often with the aim of acquiring sensitive customer data. High levels of DDoS, account takeover, and client-side attacks were also spotted.
Where the coronavirus has caused significant disruption to many people’s lives, cyberattackers have spied an opportunity. Whether it’s through the spread of misinformation, phishing attacks, or simple credit card fraud, threat actors will certainly be trying to use the increased traffic of this holiday season to their advantage.
- Also, check out our roundup of the best antivirus (opens in new tab) software