As shopping season approaches once again, we’d like to give you some helpful advice when it comes to managing an e-commerce site, and how to avoid being the target of an attack. Due to the pandemic, more people are spending their time shopping for gifts online than ever before. Global e-commerce sales are projected to hit $4.2 trillion by the close of 2021. With the increase in shopping online however, also comes the increase in online attacks. These attacks can be the most threatening for not only the consumer, but especially the online business.
Types of E-Commerce Attacks
The kinds of attacks websites encounter only continue to increase in complexity and frequency. In my previous post, How Malware Gets On your Website, I touched on the types of attacks that occur on websites. This article will take a closer look at those attacks that are the most common in targeting online holiday shoppers.
A Distributed Denial of Service attack impacts a site by sending a large amount of fake traffic (AKA “botnets”) which overloads the server resources, bringing the site offline. In order to determine if you’re under a DDoS, you’ll need to identify any spikes in traffic, and determine if the sudden spike is organic or not.
It’s important to note some traffic generated by bots could also be the “good kind” from search engines like Google that regularly crawl and index web pages, or from SEO tools. These bots generally don’t have any negative impact on a site. Traffic spikes don’t always correspond with a DDoS attack however, as even a rush of traffic from legitimate visitors in a certain period can temporarily bring a site offline. In the case of e-commerce for instance, if a launch of a product goes live and there’s not enough server resources, or a CDN, to help alleviate the load on the hosting server, this would not be considered a DDoS attack.
The best way to mitigate this attack is by monitoring the network activity, relieving stress on the server by improving the server capacity, implementing a CDN as previously mentioned, or adding firewall protection that’ll help identify & block malicious requests. Ideally, it’s best to have both a CDN and firewall in place, as a CDN alone won’t be able to make the distinction between good and bad requests.
Malicious redirects are scripts that have been injected into a site’s core files, database, theme, plugins, .htaccess, or anywhere really. They will cause a visitor to be redirected to where they can be scammed or infected with malware, causing an online business to lose out on potential revenue. There’s many methods of this being injected into a site, but we’ll discuss how to lower the risk of this later.
Similar to malicious redirects, but not to be confused with, this can also drive traffic away from e-commerce website’s to be scammed. This is also referred to as “spamdexing” and attempts to manipulate search indexes to include content it shouldn’t.
This type of attack, also known as “CC theft” or “skimming,” can be found within a database, core files, plugin/extension files, and theme files. It’s virtually unnoticeable to an online customer as it captures and transmits stolen payment card data to a hacker as the client inputs it. We’ve seen this impact a lot of Magento and WooCommerce and other ecommerce site owners.
Defacements can be found primarily in the index.php or theme files, and can potentially go hand-in-hand with ransomware which we’ll touch on later. It’ll drive all site traffic away and it’s very apparent when this attack occurs, as these kinds of hackers want to essentially make a name for themselves. This kind of hack can impact SEO rankings and add a site to a blacklist.
This kind of malware isn’t specifically tied to e-commerce, but can be one of the most devastating to a business, and has become a hot topic in more recent years in infosec circles. This type of attack is associated with the defacement of a site and affects all site files, and why we recommend having recurring backups of your site configured. During the holiday season this sort of attack would be even more devastating to an e-commerce site. It not only causes a loss of traffic & revenue to the site, but also means the storefront is down for business. This forces business owners to pay twice within a small window of time to even recover the site at all.
Ransomware can also affect entire organizations internally. It’s become crucial for businesses to educate themselves in best practices for attack prevention. It has even been listed under the FCC as a resource to help businesses reduce their attack risk.
Building Trust With Your Consumers
Whether you’re the consumer or the online business, ensuring that sensitive information submitted through a site is protected & encrypted is key to building trust. PCI compliance is also a requirement for all e-commerce websites. In more recent years, SSL has played a pivotal role in a business’s SEO ranking. An SSL certificate will encrypt the information submitted in the site, ensuring it’s not snooped on when being transmitted.
As someone that’s spent countless years making online purchases I’ve grown accustomed to the green padlock displayed in the left corner of an address bar, and if an online store doesn’t have one, I stay away. As a bonus, some site owners may even add a “trust seal” somewhere on their website from their security provider, ensuring they take their security seriously.
How to Prevent an E-Commerce Attack
Being proactive against attacks should always be at the forefront of an e-commerce site owner’s mind, as it’ll help keep loss of traffic & revenue due to security issues to a minimum. One of the leading causes of infections can be out-of-date software, so it’s critical your CMS version, plugins, themes, and any other extension type is updated regularly.
As previously mentioned, keeping up to date backups of the site can also be helpful. Having at least 60 days available is preferred, so you have enough time to “rewind” back in case a compromise occurred.
Ensuring all passwords have great password strength and administrator privileges are kept as minimal as possible will lower the risk of an attack as well.
Of course, it’s also recommended that your site is regularly scanned for any modifications or malicious content, as well as hardening the site with a Website Application Firewall. Having both monitoring and a firewall in place will not only prevent malicious requests from getting through, but also detect anything that shouldn’t belong on the site in the first place.
As more businesses decide to bring their inventory online, it becomes increasingly important for business owners to understand the risks & responsibilities that come along with it. Stolen e-commerce data is in demand, and there will always be bad actors that will want to cash in on this kind of opportunity. Understanding both the types of attacks you may face as a site owner, and how to be proactive in preventing them will go a long way for your business’s online reputation and overall consumer trust.
If you’re concerned you’re currently being impacted by an infection or attack, please don’t hesitate to reach out to our team to clean it up for you.