Why do Criminals go After Online Retailers?

By

Many online businesses, e-commerce and online retailers still seriously underestimate the [black] market value of the data they possess and handle. Consequently the risks of cyberattacks and importance of information security in general are also significantly underestimated.

The main reason for such behavior is that e-business owners have a very serious lack of information about the “dark side” of the internet, many are not even aware about recurrent data theft from their databases. But let’s start from the beginning.

First of all, e-business owners should remember that cyber criminals are also businessmen, who know how to make money. Customer databases from online stores are one of the most expensive on the black market, because they usually have correct, up2date and complete details about their customers, sometimes even their credit card numbers.

Completeness is a very important factor for [databases] pricing on the black market. Even spammers prefer to purchase personal records from an online shop rather than from a blog or free forum. This is simply because they may better target their subsequent spam emails for a higher click through rate, which consequently generates more income. Obviously, cybercriminals who make money via credit card or identity theft need as much information about their victims as they can obtain. Therefore customers of online stores are perfect targets for them.

Don’t forget that customers of European and US online stores are usually reasonably well-off and may host a good amount of valuable information on their computers. Such information may be used directly by the hackers or be (re)sold on the black market.

This is why quite often e-commerce websites are infected with a malware (an exploit pack targeting and exploiting vulnerabilities in Adobe products or popular browsers) during one night or over a weekend to get control over website visitors’ PCs while the IT security team is “off duty.” Such attacks often remain unnoticed - professional hackers will do their best to go under the radar, and you may not even have any clue that your online shop or database was compromised.

As we hear about attacks on the Targets and eBays of this world, many SME e-business owners gain a false sense of security, believe that they will not be attacked as their customer databases are not big or interesting enough to hackers.

This assumption is wrong because in the majority of cases hackers are not looking for customers and data from a specific web shop, they are just looking for [commercially] exploitable data. It’s much easier, faster and cheaper to hack 50 small e-boutiques than hack one major e-commerce operation, moreover the outcome [number of stolen customer records] will be almost the same, probably even bigger.

Hackers have bots that crawl tens of thousands of e-commerce website for known vulnerabilities, lists of websites as well as vulnerabilities-to-check are being updated weekly or even daily. So, it’s enough that your website is hosted on shared hosting, has an outdated CMS or vulnerable third-party code to get compromised by a bot that will download your databases, install a backdoor, clean the logs and continue crawling. Ninety percent of such hacks are missed by all popular web security scanning services that give “Website verified – 100 percent secure” labels to customers.

Dealing with a security breach

If you do notice that your website has been hacked, immediately notify your web hosting company and temporarily shut down your website.

Immediately change all passwords and copy access logs to secure local storage. They will help in the future to determine how hackers got in and to trace the attackers.

It is very important to understand if the attack against your website was targeted or not. Contact a local security company or a local CERT (Computer Emergency Response Team) to get competent advisers and assistance in the forensics process. Your web hosting company should also be able to help you by analyzing logs and abnormal activities around your website. As soon as you can reconstruct an image of the security incident you should take the following steps:

  1. Fix the hole:  Once you know how your website was compromised, patch the vulnerability or weakness hackers used to get in.  
  2. Inform relevant customers: If your customers’ personal data was compromised, notify affected customers and ask them to change all of their passwords as soon as possible. 
  3. Report the hack: Depending on your country’s cybercrime legislation, you may wish to deposit a criminal complaint against the attackers even if they are hidden behind a chain of proxy servers. However, don’t be too optimistic as, due to a lack of inter-government collaboration and different laws in almost every country, many of these crimes remain forever unsolved. 
  4. Put vulnerability testing in place: The only efficient solution is to regularly hire qualified ethical hackers who will manually check the security of your website, behaving and thinking like hackers but working for you and for your interests. SMBs probably don’t need to invest in costly on-site penetration testing consultancy services. An alternative is on-demand penetration testing, such as ImmuniWeb, which provides automated scanning of a website combined with penetration tester expertise. Two good guides giving advice on the selection of security assessment vendors/providers are written by Alexander Michael: “You may think you have never been hacked... you just have not realized it yet” and Viktor Polic: “The quest for weak links in information security”. 

In short, if you are running an e-commerce website you will probably be attacked at some stage. How you deal with an attack and what you do to prevent another one will determine how much time your site is down and how many customers you alienate.




Edited by Maurice Nagle
Get stories like this delivered straight to your inbox. [Free eNews Subscription]
SHARE THIS ARTICLE
Related Articles

Can Science Outsmart Deepfake Deceivers? Klick Labs Proposes an Emerging Solution

By: Alex Passett    3/25/2024

Researchers at Klick Labs were able to identify audio deepfakes from authentic audio recordings via new vocal biomarker technology (alongside AI model…

Read More

Top 5 Best Ways to Integrate Technology for Successful Project-Based Learning

By: Contributing Writer    3/19/2024

Project-based learning, also popularly known as the PBL curriculum, emphasizes using and integrating technology with classroom teaching. This approach…

Read More

How to Protect Your Website From LDAP Injection Attacks

By: Contributing Writer    3/12/2024

Prevent LDAP injection attacks with regular testing, limiting access privileges, sanitizing user input, and applying the proper encoding functions.

Read More

Azure Cost Optimization: 5 Things You Can Do to Save on Azure

By: Contributing Writer    3/7/2024

Azure cost optimization is the process of managing and reducing the overall cost of using Azure. It involves understanding the resources you're using,…

Read More

Massive Meta Apps and Services Outage Impacts Users Worldwide

By: Alex Passett    3/5/2024

Meta's suite of apps and services are experiencing major global outages on Super Tuesday 2024.

Read More