4 Risks to be Aware of When Digitally Transforming Your Retail Business

As originally published in the YOTTAA blog

Bot Mitigation

Digital transformation is at the forefront of the retail e-commerce industry. The accelerated move from the physical storefront to the digital storefront brings a larger attack surface that cybercriminals can use to target businesses. As businesses rapidly shift more transactions to web and mobile applications, they also need to be proactive about safeguarding their applications from a wider variety of cyberattacks. PerimeterX works closely with YOTTAA to make it easier for businesses to implement protective solutions against bots as they undergo these changes. Here are four top threats that security and development teams should be aware of as they optimize their retail business in 2021.

1. Account takeover attacks

Account takeover (ATO) is a sophisticated instance of a brute force attack in which cybercriminals specifically target login credentials to take over an account. During these attacks, the attacker leverages large data sets of username and password combinations. Billions of such credentials have been leaked over the last few years and are available for purchase via the dark web and other avenues. These are popular sources of login credentials to test and validate.

Data breaches can result from a single machine rapidly testing and validating a set of credentials, which is typically easier to detect and block than the more advanced attacks that sometimes leverage up to hundreds of thousands of different bots and machines. Distributing the load this way makes the source harder to distinguish and allows data breaches of higher volume to occur. In many cases, cybercriminals will attack various sites simultaneously to further spread the load and make the attack harder to detect.
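The detection gap described above can be seen by running two rules over the same login log. This is an added example, not code from the original post or from PerimeterX or YOTTAA; the event layout, thresholds, function names and sample data are constructed assumptions.

```python
from collections import Counter, defaultdict

def sample_events():
    """Constructed login events: (minute, source_ip, username, success)."""
    events = []
    for i in range(30):   # minute 0: one machine tests 30 credentials
        events.append((0, "198.51.100.7", f"user{i}", False))
    for i in range(40):   # minute 1: 40 sources, one attempt each
        events.append((1, f"203.0.113.{i}", f"victim{i}", i % 20 == 0))
    for i in range(25):   # minute 2: ordinary shoppers, a few typos
        events.append((2, f"192.0.2.{i}", f"shopper{i}", i % 10 != 0))
    return events

def noisy_sources(events, max_failures=10):
    """Per-source rule: IPs with more than max_failures failed logins
    inside a single minute (threshold is an assumed value)."""
    fails = Counter((minute, ip) for minute, ip, _, ok in events if not ok)
    return sorted({ip for (_, ip), n in fails.items() if n > max_failures})

def suspicious_windows(events, min_attempts=20, fail_ratio=0.8, spread=0.9):
    """Aggregate rule: minutes where most logins fail site-wide and the
    failures are spread over many different usernames, regardless of
    how many sources sent them (thresholds are assumed values)."""
    by_minute = defaultdict(list)
    for minute, _, user, ok in events:
        by_minute[minute].append((user, ok))
    flagged = []
    for minute, rows in sorted(by_minute.items()):
        failed_users = [user for user, ok in rows if not ok]
        if len(rows) < min_attempts or not failed_users:
            continue  # too little traffic to judge, or nothing failed
        mostly_failing = len(failed_users) / len(rows) >= fail_ratio
        many_accounts = len(set(failed_users)) / len(failed_users) >= spread
        if mostly_failing and many_accounts:
            flagged.append(minute)
    return flagged

if __name__ == "__main__":
    ev = sample_events()
    print("per-source rule flags:", noisy_sources(ev))
    print("aggregate rule flags minutes:", suspicious_windows(ev))
```

The per-source rule catches only the single machine, while the aggregate rule also flags the minute in which every source stayed under the per-IP threshold.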

As teams ramp up their digital transformation efforts, vulnerabilities to account takeover inevitably open up. Organizations should stay cautious and implement bot (Read more...)

*** This is a Security Bloggers Network syndicated blog from PerimeterX Blog authored by PerimeterX Blog. Read the original post at: