Cyber ​​threats that could affect the retail industry this holiday season (and what to do about it)

As the holiday season approaches, retailers are bracing for their annual increase in online (and in-store) traffic. Unfortunately, this increase in activity also attracts cybercriminals who seek to exploit vulnerabilities for their own benefit.

Imperva, a Thales company, recently published its yearbook the holiday shopping cybersecurity guide. Data from the Imperva Threat Research team’s six-month analysis (April 2024 – September 2024) showed that this is the year retailers need to pay attention to threats created by AI. As generative artificial intelligence tools and large language models (LLMs) become more common and sophisticated, cybercriminals are increasingly using these technologies to scale and refine their attacks on e-commerce platforms.

Imperva Threat Research also found that retail sites experience an average of 569,884 AI attacks every day. Understanding the types of threats that drive these attacks and how to protect against them is critical for retailers to protect their business and customers during the holiday season.

Business logic abuse leads the way in threats to online retail

Business logic abuse was found to be the most common AI attack system against retail sites, accounting for 30.7% of all attacks. Business logic abuse occurs when cybercriminals use intended functions of an application to achieve unauthorized results. For example, they may manipulate promo codes or use return policies to get goods or services at a lower price. Imperva found that nearly 50% of retailers experienced some form of business logic abuse.

The danger of this threat is multiplied by the ability of AI to analyze user behavior patterns and identify potential loopholes. As attackers use artificial intelligence to develop more effective exploitation strategies, retailers must implement strict controls to monitor and verify user actions on their platforms. Without these safeguards, businesses risk significant financial losses and reputational damage.

DDoS attacks remain a constant threat

Distributed denial-of-service (DDoS) attacks are almost as common as business logic abuse, accounting for 30.6% of AI-generated threats to retailers—and they’re becoming more prominent. According to Imperva 2024 DDoS Threat Landscape ReportApplication-level DDoS attacks on retail sites are up 61% year-over-year.

Application-level DDoS attacks pose a serious threat to online retailers, especially as they prepare for increased traffic during the holiday shopping season. Cybercriminals can use AI to orchestrate sophisticated DDoS attacks that overwhelm retail websites, rendering them inoperable.

The financial consequences of a successful DDoS attack can be staggering: businesses can face lost revenue, increased recovery costs, and potential long-term damage to their brand reputation. To combat this threat, retailers must invest in robust DDoS mitigation solutions that can identify and neutralize attacks before they disrupt operations.

The Grinchbots continue to wreak havoc

Bad bots are becoming increasingly sophisticated, often using artificial intelligence algorithms to mimic human behavior and bypass security measures. Malicious bot attacks accounted for 20.8% of all AI attacks on retail sites. These automated threats are extremely disruptive to normal business functions, with the ability to scrub pricing data, launch credential spoofing attacks, and create fake accounts.

During the holidays, retailers should be especially wary of Grinch bots, a sophisticated scalping bot that requests online merchandise and buys the most in-demand items of the season in order to resell them at a significant markup. Grinch bots disrupt holiday sales and product launches, making it difficult for shoppers to purchase popular, high-demand items.

The ability of artificial intelligence to automate these processes means that malicious bot attacks can quickly scale, making detection and mitigation difficult. Retailers must improve their bot detection capabilities to distinguish genuine users from malicious bots. Failure to do so can result in lost sales, inventory issues, and reduced customer satisfaction.

API breaches are a growing concern

As retailers increasingly rely on APIs to facilitate transactions and integrate third-party services, API breaches have become a hot-button issue, accounting for 16.1% of AI-driven attacks on retailers. Cybercriminals can exploit vulnerabilities in APIs to gain unauthorized access to sensitive data, often using artificial intelligence to detect and exploit these weaknesses.

The retail industry experiences an average of 5,570 API attacks every day, most of which are API breaches. The potential consequences of API breaches are serious, as they can lead to data leaks, financial fraud, and loss of customer trust. Retailers should prioritize API security by implementing strict access controls, conducting regular security audits, and using AI-based monitoring solutions to detect anomalies in API usage.

Cyber ​​security tips to stay safe this holiday season

The holiday season presents a dual opportunity for retailers: a chance to make the most of increased consumer spending and an increased risk of cyber threats. With the proliferation of artificial intelligence tools, e-commerce companies will face more sophisticated threats that exploit vulnerabilities and commit fraud with greater precision.

Retail businesses should follow these tips to protect their websites and customers:

1. Get ready to increase your online traffic: Retailers should prepare for a spike in online traffic during the holiday shopping season. To prepare, they need to make sure their infrastructure can handle the increased load without losing performance. This includes scaling servers, using a content delivery network (CDN) to distribute traffic efficiently, and implementing a waiting room queuing system to manage traffic flow and ensure a fair experience for legitimate users during peak hours.
2. Develop a bot management strategy: Along with the influx of genuine shoppers, retailers can expect an increase in malicious bot traffic. Developing a solid bot management strategy is essential to secure their platforms and ensure smooth shopping experience for real customers. Basic steps include assessing traffic risks, identifying entry points, blocking legacy user agents, restricting proxies, implementing rate limiting, and monitoring for signs of automation or headless browsers.
3. Protection against abuse of business logic: Artificial intelligence allows attackers to automate business logic violations on a larger scale, making such attacks more difficult to detect. To protect against such threats, retailers must implement strict validation of all user input, use anomaly detection systems to detect unusual activity, and conduct regular audits of their business processes to identify potential exploitable vulnerabilities.
4. Invest in a DDoS solution: DDoS attacks aim to overload a website’s resources, resulting in downtime, which can lead to lost sales and reputational damage, especially during peak shopping periods. Retailers should invest in a DDoS protection solution that uses machine learning to detect and mitigate malicious traffic in real-time, ensuring legitimate customers have uninterrupted access to services.
5. Secure APIs: To proactively combat automated programs and API abuse, retailers should establish a baseline for expected API behavior, including typical traffic figures and user geographies. This baseline helps detect anomalies, such as unusual spikes in little-used APIs, that may indicate malicious activity. In addition, application of rate limits by session and IP address can deter abuse, and audit logging of user activity facilitates monitoring and investigation of potential threats.

By understanding the nature of AI-driven attacks and preparing for the challenges, retailers can better protect their operations and ensure safe shopping for their customers. Constant vigilance and the implementation of advanced security technologies are critical to keeping pace with the evolving tactics of cybercriminals and ensuring a safe holiday shopping season for both retailers and customers.