Daily Newsletter

Daily Newsletter

Commerce remains top target for online attacks

A new report from Akamai Technologies shows that there is an increasing number and variety of attacks on the commerce sector, with retail accounting for 62% of these.

Claire Jenns June 13 2023

Retail is the most targeted within the commerce sector. Credit: Bill Hinton via Getty Images.

Akamai Technologies' report, 'Entering through the Gift Shop: Attacks on Commerce', finds that commerce remains the most targeted for web attacks, accounting for more than 14 billion (34%) of observed hacking.

Retail remains the most targeted in the commerce sector, accounting for 62% of attacks.

As organisations increasingly rely on web applications to drive customer experience and online conversions, hackers can target design flaws or security gaps to abuse web-facing servers and applications.

GlobalData’s thematic analysis of the retail sector finds that the frequency of such cyberattacks has been increasing since 2020, with notable attacks on JD Sports and WHSmith reported in Q1 2023.

In addition, Akamai finds that the most common attack is local file inclusion (LFI). This involves attackers exploiting vulnerabilities in how a web server stores or controls access to its files.

Reportedly, a few years ago, the most common attack was against structured query language, which is programming used to manage databases. Akamai states that the move towards LFI indicates a trend towards remote code execution and hackers leveraging LFI vulnerabilities to gain a foothold for data exfiltration.

What are the other key findings from the report?

  • Half of the JavaScript that the commerce vertical uses comes from third-party vendors. This introduces the increased threat of client-side attacks.
  • Attackers could also abuse security gaps in scripts, enabling a pathway for criminals to infiltrate bigger, lucrative targets in supply chains.
  • Akamai observed malicious bot requests surpassing 5tn events in 15 months, with assaults against commerce customers proliferating via credential stuffing attacks that can lead to fraud.
  • More than 30% of phishing campaigns targeted commerce brands in Q1 2023.

Akamai senior vice-president and general manager of application security Rupesh Chokshi comments: "The commerce sector is characterised by a complex ecosystem that leverages web applications and APIs to drive business. Cybersecurity leaders and practitioners must understand the critical threat trends impacting this industry.”

Uncover your next opportunity with expert reports

Steer your business strategy with key data and insights from our latest market research reports and company profiles. Not ready to buy? Start small by downloading a sample report first.

Browse reports

Newsletters by sectors

Just Style open-new-tab

Packaging Gateway open-new-tab

Just Drinks open-new-tab

View more newsletters

Sign up to the newsletter

I consent to Verdict Media Limited collecting my details provided via this form in accordance with Privacy Policy

close

Sign up to the newsletter: In Brief

Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

Thank you for subscribing

View all newsletters from across the GlobalData Media network.

close