More than 14 billion web app and API attacks, or 34% of all attacks since the beginning of 2022, have been aimed at commerce sites, making it the most targeted industry vertical, while most of the attacks within the vertical have been deployed against retail sites, TechRepublic reports.
Bot, API, and local file inclusion attacks were behind most attacks against commerce sites, with LFI attacks being the leading attack vector over the 15-month period, being more than twice as prevalent as cross-site scripting vulnerability-targeting attacks, a report from Akamai showed. In addition, third-party resources accounted for half of the scripts in the commerce vertical.
"Although using third-party scripts does not necessarily mean that they are less trusted or malicious in nature, it puts organizations at risk of security flaws within these third-party scripts," said Akamai researchers.
The report also found an increase in phishing attacks against commerce customers during the first quarter of 2023.
Application security
Cyberattacks against commerce examined
An In-Depth Guide to Application Security
Get essential knowledge and practical strategies to fortify your applications.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds