Cyberattacks against commerce examined

More than 14 billion web app and API attacks, or 34% of all attacks since the beginning of 2022, have been aimed at commerce sites, making it the most targeted industry vertical, while most of the attacks within the vertical have been deployed against retail sites, TechRepublic reports. Bot, API, and local file inclusion attacks were behind most attacks against commerce sites, with LFI attacks being the leading attack vector over the 15-month period, being more than twice as prevalent as cross-site scripting vulnerability-targeting attacks, a report from Akamai showed. In addition, third-party resources accounted for half of the scripts in the commerce vertical. "Although using third-party scripts does not necessarily mean that they are less trusted or malicious in nature, it puts organizations at risk of security flaws within these third-party scripts," said Akamai researchers. The report also found an increase in phishing attacks against commerce customers during the first quarter of 2023.