It seems that cybercriminals never sleep no matter where you are in the world. The Information Commissioner's Office released data showing that cyberattacks and breaches nearly doubled from 2015 to 2016 in the U.K.
In similar news, the Hong Kong Computer Emergency Response Team Coordination Centre showed a 43% increase in security incidents year-over-year, and the Global Risk 2016 report highlighted that out of the $445 billion in global losses for 2014, nearly one-quarter of that number was lost by US brands. The news that retailers must be prepared for the upcoming holiday season should come as no surprise to anyone.
Isn’t it obvious why retailers are targeted so often? First off, they hold payment card information, which has a resale value to fraudsters. Secondly, outages can cost retailers huge losses and this forces them to consider paying extortion fees to avoid an outage.
Downtime, breaches and outages not only cost retailers lost sales, but they also damage a brand’s reputation with customers, which can be even more detrimental to long-term customer retention. According to the 2016 KPMG Consumer Loss Barometer, 19% of consumers will completely stop shopping at a retailer after a breach and 33% will avoid that retailer for at least three months.
Cybercriminals continue to evolve their strategies for taking advantage of flaws or weaknesses in web servers or security equipment. Unpatched web servers, home PCs and even poorly secured IoT devices are used to build massive bot networks that are rented between criminal organizations to perform attacks at will. This makes it simple for even unskilled hackers to pull off a large-scale attack.
What can retailers do to protect their businesses?
In the security world, it’s called defense in depth. The PCI Security Standards Council provides guidelines and best practices for retailers, but these are just starting points in securing your site.
Web Attacks: Web application attacks, as the name implies, target vulnerabilities in your web application stack through methods such as SQL injection or cross-site scripting, among thousands of other potential exploits that a standard firewall will not protect against. For example, these types of attacks slip through as standard HTTP or HTTPS web requests and try to gain access to back-end databases or write malicious code into your webpage, compromising your consumers’ computers.
Distributed denial of service (DDoS) attacks target single points of failure in your data center, such as firewalls, routers or web servers, with massive volumes of useless traffic, causing your site to become unavailable to your legitimate consumers. DDoS attacks highlight the need for scalability and for extending security beyond the data center. Solutions based on hardware can be very expensive to scale and are susceptible to becoming a single point of failure.
In addition to protecting your own data center and applications, retailers need to ensure that other key services their websites utilize such as DNS (Domain Name Service) are properly protected from DDoS attacks and can scale with traffic. DNS is the Internet's system for converting alphabetic website names into numeric IP addresses. For example, when a Web address (URL) is typed into a browser, DNS servers return the IP address of the Web server that is associated with that name. If the DNS server is unavailable because of a DDoS attack, the website is essentially offline because customers won’t be able to find it.
What to look for
Here are some key features to look for in a web application firewall (WAF) and DDoS solution:
• Cloud-based solutions offer the best scalability and performance; you don’t want your WAF or DDoS solution to degrade your website performance;
• Application layer controls should offer both pre-defined rules for known threats and configurable rules for new and emerging threats;
• Network layer controls should automatically deflect DDoS attacks at the edge without compromising performance;
• The ability to integrate your event logs with your event management solution to increase your awareness of potential threats;
• Think beyond your own infrastructure and make sure any third-party providers you rely on for critical processes like DNS name resolution or global traffic management are properly protected against DDoS attacks and provide sufficient SLAs for uptime;
• Automation is essential for known threats, but administrators should have the ability to monitor and react to threats in real-time; and
• Security rules should be continuously refined based on all the attack traffic your vendor sees across their entire platform.
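To make the points about web attacks and application-layer controls concrete, here is an added example (not part of the original article and not any vendor's product code) showing requests that a port-based firewall allows while pre-defined rules flag them, and a configurable rule catching a variant the pre-defined set misses. The rule names, patterns and sample requests are constructed for illustration only.

```python
import re
from urllib.parse import urlsplit, unquote_plus

# Pre-defined rules for known threats (a deliberately small, illustrative set).
PREDEFINED_RULES = {
    "sqli-tautology": re.compile(r"'\s*or\s+'?\d+'?\s*=\s*'?\d+", re.I),
    "sqli-union": re.compile(r"\bunion\b.+\bselect\b", re.I),
    "xss-script-tag": re.compile(r"<\s*script\b", re.I),
}

def port_firewall_allows(dst_port):
    """A standard network firewall decides on the port, not the request content."""
    return dst_port in (80, 443)

def normalize(target):
    """Decode path and query (twice, for double encoding) before matching."""
    parts = urlsplit(target)
    return unquote_plus(unquote_plus(parts.path + "?" + parts.query))

def inspect(target, rules):
    """Return the sorted names of every rule the request target matches."""
    text = normalize(target)
    return sorted(name for name, rx in rules.items() if rx.search(text))

def with_custom_rule(rules, name, pattern):
    """Configurable rule: add an administrator-supplied pattern at runtime."""
    updated = dict(rules)
    updated[name] = re.compile(pattern, re.I)
    return updated

# Constructed sample requests: (destination port, request target).
SAMPLE_REQUESTS = [
    (443, "/search?q=red+shoes"),
    (443, "/product?id=10%27%20OR%20%271%27%3D%271"),
    (443, "/review?text=%3Cscript%3Ealert(1)%3C%2Fscript%3E"),
    (443, "/review?text=%3Cimg%20src%3Dx%20onerror%3Dalert(1)%3E"),
]

if __name__ == "__main__":
    tuned = with_custom_rule(PREDEFINED_RULES, "custom-xss-event-handler",
                             r"\bon(?:error|load|click)\s*=")
    for port, target in SAMPLE_REQUESTS:
        print(target, "| port firewall allows:", port_firewall_allows(port),
              "| predefined:", inspect(target, PREDEFINED_RULES),
              "| tuned:", inspect(target, tuned))
```

Every sample passes the port check, which is why inspection has to happen at the application layer; production rule sets are far larger and are tuned against false positives.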
There is a lot to be thankful for during the holiday season and online security is certainly top of the list. If you are an online retailer, make sure your holiday readiness plans emphasize security so you can avoid headlining in the wrong kind of article during the holiday season.
Jason Miller is chief strategist of commerce at Akamai Technologies, an American content delivery network and cloud services provider headquartered in Cambridge, Massachusetts.