[an error occurred while processing the directive]
RSS
Логотип
Баннер в шапке 1
Баннер в шапке 2
2020/11/16 14:08:41

Information security in e-commerce

Content

Information security

Main statyainformatsionny safety

Retail Information Security

Main article: Information security in retail

E-Commerce

2020

StormWall: during the pandemic, the number of DDoS attacks on online retail increased 4 times

On November 13, 2020, StormWall announced that it had conducted a study of DDoS attacks carried out on the resources of companies operating in the field of online retail. During the study, data from StormWall customers working in different segments of e-commerce were used. Experts found that during the pandemic, from February to October 2020, the number of DDoS attacks on online retail services increased 4 times compared to the same period in 2019.

According to the company, the growth of attacks is primarily due to the fact that during the crisis, competition between retailers online increased significantly, and DDoS attacks are often used in dishonest competition. In addition, hackers more actively attack the resources of companies in order to extort money. A non-working site can lead to a huge loss of profit, and hackers promise their victims that after receiving the required amount, the attack will stop and the site will work. Hackers can also try to steal the personal data of users of the online store, and use attacks as a distraction.

According to StormWall, between February and September 2020, the number of attacks on online clothing stores increased 5 times compared to the same period in 2019, the number of attacks on online electronics stores - 7 times, and the number of attacks on online furniture stores - 10 times. Attacks on online stores for the sale of goods for the car (4 times) and goods for repair (8 times) also increased. The number of attacks is constantly growing, however, during the pandemic, the growth became much larger.

Experts StormWall note the appearance of updated types of DDoS attacks in 2020 in the e-commerce sector, which suggests that every year attacks are becoming more sophisticated. If in 2019 mainly protocol attacks were carried out, HTTP then in the period from February to September 2020, in addition to HTTP attacks (97%), the number of protocol attacks (TCP 3%) and UDP (1%) were also significantly increased. This may be due to the fact that the number of attacks using the so-called "stressors" - paid utilities for generating high load available to unprofessional Internet users - has increased. In addition, from February to September 2020, the number of DDoS attacks using the HTTP protocol increased by 300% compared to the same period in 2019.

Rice. 1 Comparison of HTTP, UDP, and TCP attacks in 2019-2020 among clients StormWall
File:Aquote1.png
The e-commerce sector has always been extremely attractive to cybercriminals, and during the pandemic, hackers' interest in it increased further. Attackers are actively developing various methods of DDoS attacks, and retailers are finding it increasingly difficult to repel attacks that are a serious threat. The trend is that attackers try to find vulnerabilities that allow you to disable the resource with a small number of requests per second, which requires the use of intelligent DDoS protection, capable of proactive analysis and self-training.

noted Ramil Khantimirov, CEO and co-founder StormWall
File:Aquote2.png

Hacking 2 thousand online stores based on Magento

On September 14, 2020, it became known about a large-scale hacker campaign, in which over 2,000 online stores created on the basis of Magento were hacked in two days. More details here.

2019

Fortinet: Due to cyber threats, online shopping is increasingly like a combat operation

Fortinet security experts advise not only to introduce additional security measures for online shopping, but also to prepare for it in advance, conducting real intelligence of the reliability of the seller's website and eliminating vulnerabilities in their own gadgets[1].

Preparation

So, before starting shopping, you need to make sure that the devices, systems, browsers and applications used are updated to the latest versions. It is especially important to update and install patches for operating systems on all used gadgets.

In addition, you need to check the presence of antivirus and change passwords to more reliable. Also, a special map should be prepared for calculations. It will not be superfluous to create a special virtual machine on a computer or gadget that will limit cyber threats to their borders. And install multi-factor authentication on sites that are important to you. Doing this, "do not limit yourself exclusively to checking through SMS, use special tools such as Google Authenticator or YubiKey," experts advise.

When making online purchases, you need to verify availability SSLenciphering-: "For security reasons, additionally check that a secure connection is established before clicking on the" Buy "button. To do this, just look at the address line and make sure that at the beginning it is https ://, and not http ://. There should be a small icon next to the closed lock. If it is present, data transmission is protected. A good addition to the security of transactions will be the use of content filtering and ad blocking using popular plugins open source HTTPS with Everywhere and uBlock Origin, which are available for most browsers for free. " In addition, use VPN a connection (virtual private network) for purchases.

Seller Review

Special attention should be paid to the seller's website itself. Before using it, a number of actions must be taken. They are as follows: "Hover over the link and its URL will appear as a pop-up window or at the bottom of the email viewer or browser. Carefully examine the contents of the row before clicking on it. Does everything look okay? Is there too many hyphens or digits in the address, does it look too long? Does the URL of the site match the link or lead somewhere else? Do I not replace letters with numbers, for example, amaz0n.com? Carefully examine the URL before clicking on the link. You can copy it to the domain search service, for example, who.is. This will give full information, including when the site was created, where physically located, owner data. Show distrust of any links if they were created recently or registered in another country. "

In addition, you need to check the design of the site and its functionality, the description of the goods on it and the methods of payment for them. It is worth trusting only those sites where credit cards of the main types are accepted for payment. "Avoid sites that offer direct bank payments, money transfers, or services without the ability to track payments. If possible, better use PayPal or payment systems labeled Verified by Visa - this will further protect bank accounts and assets. "

It is worth paying special attention to the product itself and the price for it. "Remember, if an offer looks too good to be true, it usually is. Of course, sometimes there are really profitable offers. But in general, implausibly low prices and easy availability of rare goods are significant signs of possible fraud or the sale of counterfeits. "

In general, online shopping and the development of digital platforms transform our world, opening up quick access to a wider range of products than ever before in history. However, the expansion of opportunities also entails new risks to be considered.

Qrator Labs: Online retail in Russia is most susceptible to DDoS attacks and hacks

On November 13, 2019, Qrator Labs, a company specializing in countering DDoS attacks and ensuring the availability of Internet resources, presented the results of an information security study in the Russian e-commerce sector in 2019. The survey was organized among Russian retail representatives doing business on the Internet (medium and large businesses).

Qrator Labs Research

According to a survey conducted in the 3rd quarter of 2019, respondents representing medium and large e-commerce most often encountered DDoS attacks (34%) and hacks (26%) over the past year. At the same time, 10% note that in principle they did not record serious cybersecurity incidents.

Qrator Labs Research
File:Aquote1.png
"Serious, expensive DDoS attacks are usually carried out either for advertising purposes - a demonstration of the capabilities of attackers or a" pen sample, "or at the expense of the customer, as a rule, a direct competitor to the victim. In Russia, the main battle of retailers, in which any funds go, as usual, takes place not between large stores, but between small, often regional, companies. Modern Russian large e-commerce is a civilized environment, and DDoS attacks on it are mainly medium and low-level, unprofessional and manufactured, as a rule, for the purpose of extortion. With large and serious attacks, e-commerce companies noticeable in the market are more often encountered, "
File:Aquote2.png

Qrator Labs Research

More than half of respondents note an increase in DDoS attacks over the past year. At the same time, according to another third of respondents, the level of this threat has not changed in 12 months. A third of the retailers surveyed regularly faced DDoS attacks over the past year. 18% of respondents admit that they may not have correctly recorded or identified small incidents.

The majority of respondents from middle and large e-commerce consider extortion to be the main motive for such attacks. Unfair competition is in second place. In particular, companies from the product sector in general do not fear custom attacks from competitors.

File:Aquote1.png
"Extortion often becomes the main motive in attacks on medium and large retail. By organizing an attack, for example, during Black Friday, an attacker can demand serious sums for suspending the attack. If the store is not ready for attack, then even the very impressive requests of the attackers will be satisfied. Also, the attack can be timed to coincide with the launch of an active advertising campaign. At the same time, since the market is actively consolidating, the industry is stabilizing, the organization of attacks due to unfair competition is fading into the background and is observed mainly in regions and segments where small retail is active, "

noted Artem Gavrichenkov, Qrator Labs Technical Director
File:Aquote2.png

Qrator Labs Research

42% of respondents consider the most effective protection against DDoS attacks to be a hardware solution located on their own infrastructure. More than a quarter is an operator solution. 18% of respondents use the services of a distributed filtering network.

The first way retailers usually resort to is to organize self-protection by installing countermeasures on their own server. However, this type of security measures can neutralize only the simplest attacks and in most cases does not give a positive result. Some retailers prefer to rely on cloud scaling of server capacity, in clouds like Amazon, but in the event of a DDoS attack, the company will also have to pay for all "garbage" traffic, because no public cloud will work out parasitic packages for free.

Qrator Labs Research

Medium and large e-commerce already has enough funds to buy expensive "iron" for protection, however, as a rule, it purchases and installs equipment without a pre-ordered and calculated project, which includes an analysis of the potential risks of attacks. The products purchased, in fact, at best, nevertheless often withstand the load on them, since, due to the established market, serious attacks on large e-commerce are very rarely carried out.

When acquiring a WAF solution (Web Application Firewall), the majority of respondents (54%) are focused on protection against hacking, in second place is protection against password breaches . The topic of protection against parsing, which often mused throughout the year, concerns respondents from medium and large businesses much less. Respondents consider the main reason for the hacks to be a violation of the store's performance, and theft of the user base is also often mentioned.

Qrator Labs Research

More than 60% say that they encounter (constantly or periodically) bots that interfere with working activities. Modern retail really suffers from attacks organized with the help of bots and aimed at the applied level of sites, that is, on the web pages themselves.

Qrator Labs Research

Bots also collect passwords on large retail sites in order to steal accounts data that loyalty programs allow you to receive goods for accumulated points, or in order to buy goods from plastic card a hacked user tied to an online store. For the search, numerous bases are also used, including email password pairs, from other hacked resources - both those that are publicly available and private. There are also bots engaged in price analysis and product assortment - the so-called web scraping (parsing).

Notes