According to PwC’s 2016 Holiday Outlook1, this year’s holiday season spending is expected to reach its highest level since the recession, at least in the United States. In fact spending in the U.S. is going to increase by 10% over the same period last year. The same report states that consumers are moving towards using mobile devices for holiday time gift buying. This trend is great news for stores with an online presence – and for dedicated online operations, but it’s also good news for hackers.
The increasing use of mobile devices is a sort of a canary in a coalmine – it’s a good barometer to indicate that online shopping continues to increase in popularity. In fact, online shopping is now the chosen method of getting that special gift in the run-up to the holidays – in a survey of over 1,900 consumers across the US and UK, Computop found 76 percent of consumers planned to shop online this holiday season.2
This means that online retailers are going to have to be on top of their 2016 game when it comes to protecting data. Adding to the pressure, the Ponemon Institute estimates a minute of downtime costs organisations over $20,0003 and that’s during normal business periods, multiply that by several orders of magnitude during peak buying periods and you begin to get an idea of just why online retailers are girding their electronic loins for cyber attack as we head towards the end of 2016.
So what are retailers doing?
Aside from simply hoping that they will not be the victims of a cyber attack (and hope isn’t really a strategy) many online retailers are rolling out innovations to help protect the data that they manage.
One of the most innovative methods is simply an old marketing trick made new – demographic analysis. In marketing, identifying your target audience is key to segmenting your marketing efforts. But in order to be successful you need to track who is using your products. Once you know that men aged between 18 and 35 are buying, you have your baseline.
Online retailers are using a similar ‘behavioural analysis model to spot anomalous network or application traffic, including potential cyber attacks. When a traffic type reaches an unusually high percentage of total traffic, the behavioural engines take a closer look and may trigger advanced security solutions that will determine it to be an cyber attack and block this unusual behaviour.
Unfortunately for online retailers not every cyber attack can be headed off at the pass in this way. Distributed Denial of Service (DDoS) attacks can be foiled in this way, but often modern hackers take pains not to reveal their activity by altering traffic patterns – they often use malicious scripts which exploit weaknesses in application coding. Fortunately the latest advances in Web Application Firewalls (WAF’s) are significantly more advanced than older releases which placed a huge reliance on identifying IP addresses as a means of finding out just where a cyber attack is coming from. Today, advanced WAFs use device fingerprints which combines dozens of user device attributes. Combining this with behavioural analysis makes it possible to develop a reputational profile of the user and potentially identify behaviour as anomalous – and perhaps malicious.