The cybersecurity company, Imperva Inc., has sounded an alert on the rise of harmful bots targeting e-commerce platforms. Its 12-month analysis reveals these automated threats pose considerable risks to online retailers, manipulating business operations and spreading different types of cyber-attacks.
Online retailers, with their intricate network of API connections and third-party dependencies, are more susceptible to client-side and business logic abuse attacks. Cybercriminals are particularly keen on compromising user accounts to gain access to personal information and payment data, leading to increased support costs, degraded online services and ultimately, customer churn. According to the Imperva report, attacks often surge during the holiday shopping season.
Speaking on the prevalent security issue, Karl Triebes, SVP and GM of Application Security at Imperva, warned: "The security risks that the retail industry faces are more sophisticated, automated, and harder to detect." He added: "The significant increase in bot sophistication over the past year should be a cause for concern. This breed of automation is harder to stop and capable of abusing business logic, attacking APIs, and taking over user accounts."
The most common retail site attack in the last year involved business logic - an exploit targeting an application or API’s intended functionality and process instead of its technical vulnerabilities. Attackers exploit business logic to manipulate pricing or access restricted products. Attacks of this nature reportedly make up 42.6% of all attacks on retail sites, markedly up from 26% in the previous year. The rise in business logic attacks has been linked to the increase in traffic to retail sites from APIs.
The report also underlines the problems posed by automated attacks on business logic, focusing specifically on the abuse of API connections. Also, the use of 'bad bots' (automated software applications) to manipulate business logic was reported in 17% of all API attacks.
In a first, more than 50% of bad bot traffic on retail sites was linked to advanced bots - a type of automated software that can bypass basic defence systems and initiate dangerous disruptions. These advanced bots, including the notorious Grinch bots, are prepared to disrupt holiday sales events and quickly buy the season's most coveted items for resale at a significant profit.
Furthermore, there was a 66% increase in Account Takeovers (ATO) on Black Friday 2022. In these attacks, cybercriminals used stolen passwords and usernames to hack online accounts. Similarly, there was a sinister rise in digital skimming threats, with almost 400 resources being loaded per retail site on the client-side. Lastly, the application layer DDoS attacks on retailers saw a massive increase of 417%.
Looking ahead to the 2023 holiday season, there are indicators that attacks on online retailers will continue to rise. The growth in bad bot attacks on retail sites since July by 14% and the persistently high numbers of application layer DDoS attacks back this prediction.