Going, going, gone: e-Commerce and DNS attacks

null

Super sales days like Amazon Prime or Alibaba’s Single’s Day can be tough for consumers looking for a bargain, but are even harder for retailers looking to secure themselves against all kinds of attacks and to provide the seamless continuity that eager shoppers expect from sellers in the current age. A particular threat retailers face all year round, but especially on high-traffic days like Black Friday, are DNS attacks. In the rush to make sales, many businesses can get it all wrong.

Research conducted by The Telegraph suggests the last two years saw 173 million people being affected by cyber attacks in the retail sector alone. The colossal amount of data retailers have to deal with makes them a very lucrative target to would-be attackers. When online game vendor Steam held a ‘Steam Sale’, the site’s activity increased by 2,000 per cent. Due to a two-wave attack, 34,000 users were shown personal information belonging to other users and were also prevented from making purchases themselves.

EfficientIP’s 2018 Global DNS Threat Report revealed the businesses in the retail sector alone experienced an average of seven attacks in the past 12 months. Over that period, these attacks cost retail organisations an average of almost $4m ($3.99). The 7 attacks on average in 2018 compares to 4 attacks in 2017 costing a mere $1.7m by comparison, the number of attacks and attached costs have therefore considerably increased in just a single year.

Marred with cyber threats, not only do these attacks compromise the brands’ websites, the damage goes beyond, to the very brands themselves. The report revealed that as consequence of a hack, 30 per cent of retailers suffered brand damage, shaking customer loyalty in the process and at a time when it is needed more than ever.

Keeping the online store up and running

Not only does this break in business continuity impact the brand’s reputation, it also affects it financially. Big days for retail like Black Friday and Cyber Monday have consumers flocking to retail websites. As website traffic increases, so does load on the server. These instances require retailers to be armed and ready to handle heavy website traffic, while providing seamless user experiences to each of their customers.

One way of ensuring retail websites don’t crash under pressure is to have high performance DNS able to handle large volumes of DNS queries. As traffic increases, network automation provides systems the backup needed to tackle increased incoming traffic and allows user experience to be seamless. Lack of it costs businesses, and 6 per cent of retailers also admitted to an attack costing them between over $1 million and $5 million.

With 36 per cent of retailers reporting cloud service downtime and 39 per cent to a compromised website, retailers need to ensure they have the proper threat detection and countermeasures in place. Retailers should have business continuity in mind when protecting their networks. The number of cloud service down time dropping by 11 per cent is an encouraging step in the right direction. This dose of optimism is tampered only by the fact that 34 per cent of retailers had a compromised website in 2017. This highlights that retailers need to stay vigilant at all times and that the progress made since last year is insufficient.

Securing DNS is a priority for e-commerce

The 2018 Global DNS Threat Report also revealed 91 per cent of retailers agree and understand the importance of DNS security for their business.  However, their approach to DNS security is not the best. More than any other sector, nearly a third (32 per cent) of retailers choose to add more firewalls to protect their network, specifically against data theft. Firewalls alone are inadequate protection as they merely provide a peripheral view of DNS queries, limiting the chances of threat detection.   

The retail sector seems to be taking note of the importance of logging DNS queries, as 87 per cent of retail brands claim to analyse their DNS traffic. However, adequate education to combat DNS threats seems to be an issue as 37 per cent retailers claim to take three days for patching a vulnerability and 27 per cent, a full week!

Brands can only protect themselves if they understand the variations of these stealthy DNS attacks. As the complexity and sophistication of attacks increase, retailers are hit by newer, and more diverse, attacks. DNS-based malware and phishing stand out as the preferred modus operandi. In the past twelve months, they constituted 31 per cent and 39 per cent of attacks in the retail sector respectively.

Always be selling

The retail sector needs to ramp up its security and network management to avoid further catastrophes and ensure optimal performance and user experience. This can be achieved by acknowledging DNS security as a key component of the overall network security strategy. EfficientIP recommends retailers enhance their threat intelligence on domain reputation with data feeds which can provide menace insight from global traffic analysis. It will protect them from internal and external attacks by blocking malware activity and mitigating data exfiltration attempts.

Applying adaptive countermeasures via graduated security measures relevant to threats will ensure business continuity for retailers, even in situations when the attack source is unidentifiable. It also mitigates the risk of blocking legitimate traffic.

Monitoring and analysis of DNS transactions will reduce the risk of data theft, often achieved by hackers via DNS tunnelling currently impacting over a quarter (26 per cent) of retailers. By embedding a security layer at the heart of the protocol in the DNS server itself, you’re able to get real-time, context-aware threat detection and remediation.  

Incorporating DNS into global network security solution to recognise unusual or malicious activity, while informing the broader security ecosystem, will assist brands in holistic network security.

Avoid becoming the prey of bargain-hunting hackers

The retail sector is a vulnerable target for hackers because of the high amount of traffic it experiences on a daily basis. This makes it imperative for brands to tighten their security by bullet-proofing their network against DNS threats. With online sales becoming more frequent and global e-commerce shopping events becoming more and more popular, only e-retailers offering the most seamless and secure experience will be able to retain their customers’ loyalty.

Ronan David, SVP Business Development and Marketing, EfficientIP
Image Credit: Mopic / Shutterstock