Cybersecurity threats

Cybersecurity threats loom larger on e-tailers this holiday

by | Dec 22, 2020 | IT Security

The unprecedented surge in online sales has provided cybercriminals with the perfect terrain to launch sophisticated cyberattacks on e-retailers for monetary gains.
Share to lead the transformation

Cybersecurity threats are looming large to get the advantage of homebound shoppers, who are mainly relying on virtual shopping this holiday season to prevent coronavirus spread. From great shopping days to Black Friday sale, every year, the entire December and January month help retailers generate huge revenues and buyers getting deep discounts.

This year, there is a reason for e-retailers to be more vigilant against cybercriminals who could take advantage of the massive human traffic on their sites to conduct fraudulent online transactions.

According to the latest security report on the 2020 Holiday Season from McAfee, a global computer security software company, there were 419 threats per minute in Q2 2020, increasing almost 12 percent over the previous quarter. It notes that the ongoing COVID-19 pandemic has compelled more people to opt for online shopping this year. Over 68 percent of Indians have increased their shopping activity this year. These threats are likely to scale new heights during the ongoing holiday season.

The spike in web traffic can be a source of joy for many e-retailers who have been hit hard due to the pandemic’s driven economic instability. However, it has also expanded threatening surfaces that could lead to cybersecurity disasters.(See: How COVID-19 has changed cybersecurity focus for 2021 and Combating cyber threats in the new normal)

Threats in the era of new behavior

It is evident that with increased e-commerce operations during the COVID-19 pandemic, the retail sector has become very lucrative for cybercriminals. This is primarily because these sites retain sensitive customer information such as name, contact details, and credit card/ debit card numbers.

According to findings by cybersecurity firm Imperva Research Labs, the volume of attacks on retailers’ APIs has far exceeded average levels this year. While the majority of the attacks occurred from bot activity, leading attack vectors for retail API attacks in 2020 to include cross-site scripting (XSS) (42%) and SQL injection (40%).

DDoS attacks, phishing, and emailer frauds have also peaked at new scales this year. Imperva observed an average of eight-layer attacks per month against retail sites, with a significant peak in April 2020 as lockdown measures led to an increase in demand for online shopping. It is, therefore, essential for e-retailers to devise a robust strategy to address these cybersecurity threats.

In April this year, Japanese multinational consumer electronics and video game company, Nintendo, suffered a massive cyberattack on its official website, leading to data theft of over 300,000 Nintendo customers.

Many of these accounts were put in jeopardy and used as unsolicited purchases. Cybercriminals also leaked sensitive customer data such as name, password, date of birth, and payment information on the Dark Web, making a loss of brand reputation and goodwill of the Kyoto-based society. With the number of transactions witnessing a steep hike, both consumers and organizations are seeing the rise of holiday cybersecurity threats and need extra surveillance in order to stay secure.

Fraud prevention strategy

Regardless of what many industry observers say, e-retailers continue to hurt most by cybersecurity threats. For them, the only way out of cybercriminals’ grip is by employing the best class identification solutions that can fully secure their cloud infrastructure without impacting convenience.

E-retailers need to keep their cloud infrastructure up to date and proactively explore intelligent cybersecurity solutions to prevent their websites from hijacking.

Some of the best cybersecurity practices that e-retailers can espouse through advanced security solutions:

Address verification service (AVS): One of the most prevalent measures to keep fraudsters at bay is AVS. It’s an automated mechanism that matches the billing address with the payment instrument’s address, say, a credit card, to identify suspicious transaction activity.

Location monitoring: Those transactions where the shipping, billing, and the IP address are in proximity are usually safer transactions. If there is a significant remoteness between those addresses, the account or transaction must be supervised more closely. Various solutions are supported by advanced AI and analytics technologies available today that can help e-retailers monitor transactions on their sites and check for suspicious behavior.

IP address legitimacy: Fraudsters often mask their IP address to place orders with online retailers to avoid being tracked. Using cutting-edge technologies such as zero-trust and cryptographic network protocols, online retailers can prevent and mitigate such spoofing attacks. (See: Covid-19: Reimagining work with a zero-trust lens)

Multifactor authentication: A robust multifactor authentication protocol ensures digital users’ authenticity and provides secure access.

Keep your users informed: All e-retailers must keep their customers up-to-date on the latest cyberattacks and measures to navigate with caution. Information about how to keep a strong password and secure their information should be communicated frequently to customers.

There are many other modern-day tools available that can help e-retailers secure their networks from holiday cybersecurity threats. They should consult with their cybersecurity partner to ensure a secure online retail experience and prevent cybercriminals from taking unassailable advantage.

 

MORE FROM BETTER WORLD

Climate Change: Javadekar takes charge

Climate Change: Javadekar takes charge

Prakash Javadekar today assumed charge as the Union Minister of Environment, Forest and Climate Change here today. He was greeted at the office at Paryavaran Bhawan by Environment Secretary Shri C K Mishra and other senior officials of the ministry. Babul Supriyo also assumed charge as Minister of State.

Briefing the media after assuming the charge, the Union Minister said it is like a home coming for him as he already served in the ministry for two years in the first term of NDA government. He stressed that we will strongly reinforce that this ministry is seen as a facilitator and not merely as a regulator. “Economic growth and environment protection should go simultaneously, and we need to work with an increased impetus towards that”, said Javadekar.

After assuming the charge, the Minister also held a meeting with the senior officers of the Ministry where he was briefed on the key initiatives and policy issues of the Ministry.

Infosys Foundation Opens Aarohan Awards 2019

Infosys Foundation Opens Aarohan Awards 2019

social-impact

The awards would recognize solutions that could positively impact the underprivileged in India. (Representative image)

Infosys Foundation, the philanthropic and CSR arm of Infosys, has announced the launch of the second edition of the Aarohan Social Innovation Awards. The award is aimed at accelerating innovation in the social sector. The Aarohan Social Innovation Awards 2019 seek to recognize and reward individuals, teams or NGOs developing unique solutions that have the potential to positively impact the underprivileged in India, at scale.

Speaking at the launch of the second edition of the awards, Infosys Foundation Chairperson Sudha Murty said, “The Aarohan Social Innovation Awards 2018 was a huge success. Infosys Foundation witnessed a very good response from social innovators across the country and eventually, 12 leading innovators were recognised and awarded. The overwhelming response we got last year, has reaffirmed my belief that there are innumerable innovators across India who are looking up to this platform to give wings to their passion by scaling their innovation and impacting millions of lives. With the second edition of the awards, we hope to discover these hidden social innovators across the country and help them scale the power of their social innovations”

The awards will accept submissions across six categories, namely, Healthcare, Rural Development, Destitute Care, Women’s Safety & Empowerment, Education & Sports, and Sustainability.

The submission process for the second edition of these awards commences on July 15, 2019 and will continue till September 30, 2019. Participants can submit entries describing their work in the form of videos that can be uploaded on the Aarohan Social Innovation Awards website. The entries must be of a fully functioning prototype, not just a concept, idea or mock up. Additionally, the project must not be an established commercial venture.

Aarohan Social Innovation Awards will also offer winners an opportunity for residential technical mentorship at the IIT Hyderabad campus for up to 12 weeks to help them further develop and scale their solutions.

A panel of distinguished judges will evaluate and select the winners whose submissions will be assessed on five broad criteria – application to a social problem or need, innovative use of technology, originality of ideas, ease of use and the quality of presentation. The jury will comprise Prof. Trilochan Sastry, former Dean, IIM Bangalore; Padma Shree Arvind Gupta, an Indian toy inventor and science expert; Prof. Anil Gupta, visiting faculty member, IIM Ahmedabad, a globally renowned scholar of grassroots innovations and founder of the Honey Bee Network; Prof. GVV Sharma, Faculty member of the Department of Electrical Engineering and Coordinator, Teaching Learning Centre, IIT Hyderabad; Sumit Virmani, Senior Vice President and Global Head – Marketing, Infosys, and Infosys Foundation Chairperson, renowned author and philanthropist Sudha Murty.

0 Comments