The last quarter of 2021 could be devastating for the retail industry, according to a 12-month analysis done by security experts. Cybercriminals have been targeting the industry to disrupt operations and perform multiple cyberattacks to take advantage of the ongoing supply chain crisis worldwide.
The retail industry has been long prone to increasing cyberattacks, including website outages due to DDoS attacks, phishing scams, online frauds, and more. These cybersecurity incidents could result in profit loss that can widely impact the supply chain in the long run.
Disruptions caused by cyberattacks in the retail industry could delay loads of shipments and leave physical and digital stores empty – especially for the last quarter of the year.
Among many from the list, malicious bots are one of the most utilised means of attacks against the retail industry for 2021. These bots carry multiple disruptive ways and activities to strike retail brands and businesses, such as scalping, price scraping, inventory denial, and other types of fraud done online.
Based on studies, the monthly bot attacks against retail websites spiked to 13% for 2021, compared to the same months of the past years. These findings have highlighted the rising risks for both the retail industry and its consumers being prone to cyberattacks for this year, like malicious bots.
Additional reports say that about 57% of bot attacks were found against eCommerce websites for this year. Account takeover is another fraud that risks consumers who own login accounts with their credit card credentials registered on eCommerce websites. Online retailers have suffered a higher degree of account takeover attacks, with about 32.8% of the rate recorded for 2021, compared to the 25.5% of average takeover attacks throughout the rest of other industries.
Additionally, DDoS attacks are also among the most recorded cybercrimes that have affected the retail industry this year. Studies have revealed that there was a spike of 200% for DDoS attacks last September. This activity uptick links to the massive Meris botnet that attacked several organisations worldwide.
Furthermore, the retail industry has also gone through the highest application layer – layer 7 – of DDoS incidents per month compared to other industries for 2021. Layer 7 attacks are known to be an effective activity because they exhaust the victims’ server resources and networks. Organisations find it hard to defend themselves against all application-layer attacks due to distinguishing between normal traffic and attack traffic.
Lastly, attacks on websites are also found to be a significant threat for organisations for 2021. Compared to other industries, website attacks are higher and were considered by more erratic attack peaks. Data leaks for 2021 among retail sites have seen a higher volume with about a 31.3% rate, while other industries have an average of 26.9%. eCommerce websites are found to be easy targets of attacks because of their capability to host the payment details of shoppers and consumers and their loyalty reward points.
The security analyst who conducted the research said that the upcoming holidays would be a nightmare for both retail brands and their consumers, considering the data they have found. Because of the increased cyberattacks, organisations within the retail industry would likely struggle to sell their services around the last quarter of 2021.
For this reason, experts encourage businesses in this industry to invest in cybersecurity measures and tools they can acquire that ranges from APIs to data protection.
