Lack of security can greatly affect business and, in the case of e-commerce, neglecting to protect the site can have major implications for the brand, including causing loss of customers.
The following are some very common risks e-commerce run while neglecting security.
Companies in the sights
By 2017, corporate cyber incidents almost doubled. These were 82,000 in 2016 and jumped to 159,700 in 2017. In this research, only cases associated with data breaches, ransomware , corporate email compromise (BEC), distributed denial of service (DDoS) attacks and acquisition critical infrastructure and physical systems.
As most gaps have not been reported in this analysis, it is estimated that the actual number of incidents may exceed 350,000.
To get an idea, according to NETSCOUT Arbor's 13th Annual Report on Global Network Infrastructure Security (WISR), Brazil was the target of the world's largest DDoS attack in 2017.
Last year alone, there were 264,900 Distributed Denial of Service ( DDoS) attacks - targeting Brazil, equivalent to 728 attacks per day / 30 per hour.
These attacks have become increasingly common, with Brazil among the top five targets for DDoS attacks in the world - after the United States, South Korea, China and France.
DDoS attacks are having a major financial and operational impact on business. In the United States , Arbor's 13th Annual Network Infrastructure Security Report (WISR), produced by Netscout Systems, indicated that 57% of respondents considered reputation and brand Business. Operating expenses were second only to 56% of those interviewed, with financial losses ranging between US $ 10 thousand and US $ 100 thousand - almost twice as much as in 2016. Loss of customers was an important concern after a successful attack on 48% of the people surveyed.
Attack " man in the middle "
In addition to the DDoS attack, another major concern for e-commerces is " man-in-the-middle " attacks , when the attacker intercepts data exchanged between the client and the site for misuse of this information.
Likewise, in addition to immediate damage, this can severely damage the brand's reputation by inhibiting customers from buying from it in the long run.
For all these risks and damages e-commerce can suffer, e-commerce has much to lose while neglecting security. Some measures like SSL (Site Cryptography) and Site Shielding (Automated Site Safety Gap Analysis) are basic to all virtual stores.
But, it is important that as your business grows and attracts more customers and attention from potential offenders, you should be sure to expand security investments.
WAF, for example, is an important measure to inhibit improper traffic from reaching your site and affecting you. Pentest is ideal for analyzing specific vulnerabilities that are not found by automated tools. This test is done by a specialist (Pentester) and should be applied in the e-commerces regularly for identification and correction of safety faults.
Posted on July 17, 2018 at 01:16 PM