EMEA in Cyber Crosshairs As Retail Attacks Shift Focus to Region
- By CDOTrends editors
- June 28, 2023
A new front has opened up in the intensifying theater of cyber warfare. The first quarter of 2023 saw Europe, the Middle East, and Africa (EMEA) overtake North America as the prime target for web attacks on the retail sector. This shift is emblematic of the escalating cyber threats facing a rapidly digitizing global commerce industry.
Akamai Security Research’s report, Entering Through the Gift Shop: Attacks on Commerce, shows the spotlight has notably turned towards Germany, which became the epicenter of cyber attacks on EMEA retail, subjected to a staggering 70.88% of all Q1 2023 assaults. This surge appears to be tied to Germany's publicly stated support for Ukraine, demonstrating how geopolitical events can influence the landscape of digital threats.
Commerce remains the most impacted vertical for web application and API attacks, with over 14 billion such attacks recorded in Q1 2023 alone. The burgeoning digitization of the sector and the concurrent proliferation of web application vulnerabilities provide ample opportunities for attackers.
Types of retail attacks
The increase in Local File Inclusion (LFI) attacks, which skyrocketed by 314% between Q3 2021 and Q3 2022, attests to the evolution in attacker strategy. These LFI attacks provide cybercriminals with a foothold in systems and a route for data exfiltration.
Commerce's heavy reliance on third-party JavaScript also heightens the risk of client-side attacks, such as web skimming and Magecart attacks. Notably, half of the JavaScript the commerce sector uses comes from third-party vendors, expanding the attack surface for cybercriminals.
The frequent use of third-party scripts to improve customer experience and drive conversions introduces another layer of risk. Often, these scripts rely on open-source libraries, which may contain vulnerabilities attackers can exploit.
Retailers holding vast amounts of sensitive data are also becoming increasingly attractive targets for ransomware groups. A recent report revealed that commerce, including retail and hospitality, accounted for 16% of Conti ransomware attacks.
During Q1 2023, over 30% of phishing campaigns were aimed at commerce customers. Further, over 5 trillion malicious bot requests were observed within 15 months, with attacks on commerce customers often taking the form of credential stuffing, leading to fraud.
Mission critical
In light of these risks, robust mechanisms to detect attacks on payment pages and compliance with Payment Card Industry Data Security Standard (PCI DSS) version 4.0 have become critical. However, despite the heightened threat landscape, the commerce sector faces the challenge of limited security budgets. Though not as heavily regulated as financial services or healthcare, commerce requires equivalent levels of mature security, given its intricate ecosystem involving point of sale (PoS) terminals, Internet of Things (IoT) devices, mobile platforms, and web applications and APIs.
This rapidly evolving cyber threat landscape demands continuous updates to security strategies and penetration test plans. Training for developers on best security practices is also essential, particularly with changes to compliance standards such as PCI DSS 4.0.
Image credit: iStockphoto/gan chaonan