TOP eCommerce Cyber Threats to Be Aware of in 2019

Developing an eCommerce website is easier than it has been ever before. There are some marketplace solutions for startuppers and businessmen which do not require spending years at a college learning programming and coding. But the boom of eCommerce websites made them a bonne bouche for hackers, spammers, and other bad guys trying to make their profit of deceivable consumers and reckless businessmen. 

No matter how good is your marketing strategy and how awesome is your design, the entire website, as well as your business, can be ruined due to a simple DDoS attack, SQL injection or other threats. 

Security issues are the challenge number one for eCommerce. As far as massive data breaches have been continued to happen, businesses have to make head against it. It looks like “an armaments drive” in cyberspace. But even a single discomfiture can lead to incommensurable damage. Thus, in January 2019, hackers infected 227 eCommerce sites by compromising their advertising partners. The damage is estimated to cost hundreds of thousands of dollars.

How can you suspect that your website has been hacked?

Being a site owner you probably trace the users’ activity with the help of metrics. If you have noticed a sudden downward in sales, do not hurry to associate this fact to a seasonal demand drop or recent prices increase, the reason for this is rooted in an eCommerce security threat. But the downturn in sales is not the only sign that should be a matter of concern. Some core hints to look out for are:

  • You notice that products that have not been enlisted appear on the website.
  • Your customers complain about poor website performance.
  • Your data is going out to fishy domains (it can be identified by using tools for packet analysis like WireShark).
  • Your customers complain about paying for a good but you did not receive their payment. 
  • Your online store is banned by your hosting provider or blacklisted in Google catalogs. 
  • You notice that your breached database is available for sale on the Dark Web. 
  • The server is overloaded due to repeated requests from the same IP addresses (the sign of brute force attack attempts). 
  • You notice malicious ads popping up on your store website. 
  • On the dashboard, you have seen an unknown admin account that you did not create. 
  • You can see from the system logs un unusual connection to the C-Panel from an unknown IP. 
  • Your customers complain about their Credit Card info has been stolen or malicious redirects which are reasons for a high bounce rate. 
  • You notice a bunch of pages with unknown content on the store site.

What are the most common cyber threats that can ruin your eCommerce website?

DDoS attacks

Some people find DDoS old-fashioned and do not treat them seriously. But they are wrong… Analytics predicts that the total number of attacks of this type globally will reach 17 million by 2020. Besides eCommerce companies, hackers turn their focus on media holdings, trade organizations, banking. They attack servers, systems and entire networks overwhelming them with tons of traffic to make them unable to serve legitimate requests. Intruders use LOIC (Low Orbit Ion Canon) and other tools which send UDP, TCP, or HTTP requests to the victim server.

DDoS attacks seem to be harmless but they can ruin both financial stability and business reputation. The simplest defense against DDoS is strong website architecture and a firewall enabled. To back up data is also essential. If an intruder manages to damage your server, at least you can recover everything that has been destroyed. Many businesses prefer to migrate their applications to the cloud in order to protect them from an unexpected DDoS attack.  

Man-In-The-Middle Attack

With this type of attack, a hacker positions himself in the middle of the connection (often between a browser and a server) to intercept and modify data. The attacker can sit silently doing nothing but collect information to use it for his benefit. Typical targets of Man-In-The-Middle attacks are eCommerce and SaaS-businesses, as well as financial application users. 

Unfortunately, there is no “the one and only” solution to these attacks. The fundamental one is to adopt SSL/TLS certificate which is aimed at protecting HTTP traffic. But keep in mind that some advanced Man-In-The-Middle attacks are able to work around the certificates. Some companies implement HSTS (Strict Transport Security) which blocks any unsecured HTTP connections, as well as prevents cookie theft. 

Individuals can also protect their devices from the attack by using a Virtual Private Network (a VPN) which creates a secure tunnel and encrypts all incoming and outgoing data. A variety of VPNs allows users to choose the best one for their purposes. For example, Surfshark is one of the market leaders which adheres to strict no logs policy, provides more than 1,040 servers all over the world, and has moderate prices.

SQL-injections

A SQL-injection is a specific technique aimed at cracking a database of the site. Having caused by loopholes in back-end coding, the injection allows a hacker to use input fields such as contact form, feedback fields, site searches, for inserting malicious code. As far as the code executes the SQL-commands, a hacker can gain full control over the infected eCommerce site. They can update, delete, retrieve, and create content with malicious links. 

There are a lot of tools for scanning websites to identify whether it has been attacked or not (WordPress Security Scan and Qualis, for example). 

Malware

Malware is any malicious software (droppers, worms, Trojans, adware, Boot-Record Infectors, and so on) that has been installed in the system without a user’s consent. It can be the reason of serious troubles such as poor site performance or extraction of customers’ personal data. Thus, recently, hackers infected 7,339 Magento-based online stores in the last 6 months with skimmer script which is designed to siphon payment-card data from users who ordered something on the infected sites. Malware can lurk in a useful app, attach itself to other software. and replicate itself across the network.

The best way to protect your online store is to keep the firewall enabled to monitor outgoing and incoming traffic and an updated antivirus that is likely to prevent a possible infection. 

Cross-Site Scripting (XSS)

XSS vulnerabilities are one of the most common threats for WordPress, OpenCart, and Prestashop plugins. It is so crucial that even Google is ready to pay a $10,000 reward for detecting an XSS vulnerability. In comparison with SQL-injections, XSS attacks do not harm a server, but they pose a threat to the users of the infected site.

The scheme of the attack is the following: a victim downloads a webpage with malicious javascript embedded. As soon as the script is installed in the system, it steals data from the browser. To convince a victim to download the page, a hacker uses various tricks, for example, they can send an email from the hosting administrator which looks like an official one asking the victim to check account settings. When an attacker gets access to admin’s cookies, they can easily control the site panel as well as its content. 

How do you defend your eCommerce website from cyberattacks? Tell us about it in the comments below!

Robin Robin is a Technical Support Executive. He is an expert in knowledge management and various Knowledge base tools. Currently, he is a resident knowledge management expert at ProProfs. In his free time, Robin enjoys reading and traveling.

To get news and fresh articles first, follow CS-Cart on Facebook and Twitter.

Leave a Reply

Your email address will not be published. Required fields are marked *