EMEA was the most targeted region for web attacks on retailers in Q1 2023, surpassing North America, a new study by Akamai has found.
The research report, Entering Through the Gift Shop: Attacks on Commerce, found that there were over 14 billion web attacks targeting the commerce sector globally in Q1 2023. This means the industry is the top vertical for these forms of attack (34%), which Akamai attributed to the sector’s continued digitization and growing availability of API vulnerabilities.
Retail, a sub-category of commerce, experienced 62% of these attacks. Of these, around half (49%) targeted the EMEA region in Q1 2023. This compared to 42% in North America.
The report found Germany as the “driving force” behind the Q1 2023 trend, targeted in 70.88% of attacks on EMEA retail in Q1 2023. Akamai researchers highlighted the country’s publicized support of Ukraine as a likely key factor in this.
A recent survey by the Association of Technical Inspection Agencies (TUV) and Germany’s Federal Office for Information Security (BSI) found that more than one in 10 German businesses fell victim to a cyber-attack in 2022, also attributed to the country’s support of Ukraine.
Risks to Retail
Richard Meeus, director of security technology and strategy EMEA, Akamai, told Infosecurity that retail is a particularly lucrative industry for threat actors because of its “privileged access to sensitive data like personally identifiable information and payment account details.”
He added, “bad actors also know that the retail industry is in constant flux and needs to respond to changing customer demands.”
The enormous spike in attacks on German retailers could happen to any country, Meeus noted, and it could be viewed as an indication of things to come.
Speaking during the November 2022 Infosecurity Magazine podcast, independent advisor & international speaker Neira Jones, highlighted how changing consumer behaviors and resulting digitization strategies had increased cyber-risks for retailers in the past few years.
“During the pandemic, both consumers and businesses substantially increased their online activities – those that weren’t previously digital suddenly became digital. As a result, the number of card payment transactions also increased and that was a completely natural phenomenon,” she noted.
This included a much greater reliance on cloud technologies, added Jones.
As well as improving security tooling, Meeus said there must be increased cybersecurity regulation for the retail sector, given the level of risk the sector faces.
“When compared with other verticals like financial services or healthcare, we found that ecommerce is less heavily regulated despite needing the same cybersecurity maturity levels,” he told Infosecurity.
Common Attack Vectors
The most common web attack vector targeting the retail sector in EMEA from January 2022 to March 2023 was local file incursions (LFIs), making up 59% of attacks.
Overall, LFI attacks targeting commerce organizations surged by 314% between Q3 2021 and Q3 2022. The researchers said this indicates that attackers are leveraging LFI vulnerabilities to gain a foothold and for data exfiltration.
Regarding the wider EMEA commerce sector, which encompasses retail and hospitality, web application and API attacks (51%) were by far the top attack verticals in the period January 2022 to March 2023.
API security forms a significant part of the conference program at next week’s Infosecurity Europe.
The report also found that commerce organizations use significantly more third-party scripts (51%) than other verticals (31%). These third-party scripts create extra security risks as they give organizations little visibility into the development and testing of the code and potential vulnerabilities.
Additionally, in Q1 2023, Akamai found that over 30% of phishing campaigns were activated against the commerce industry. This shows that threat actors continue to target the shift to online shopping through social engineering campaigns.
Akamai will be exhibiting at Infosecurity Europe next week.