Threat actors evolved tactics, opting for a more nuanced approach that spread attacks across a broader timeframe to blend in with legitimate traffic and evade detection during peak holiday shopping times, according to Cequence Security.
The months before the 2023 holidays demonstrated a change in tactics, techniques, and procedures by adversaries against prominent retailers.
Attackers have shown that they are highly sophisticated and have great persistence and depth of planning.
Many companies, and retailers in particular, take the holiday season as their cue to focus more on security and begin to lock down their networks and applications.
In the second half of 2023 alone, gift card fraud increased by 110%, while scraping, loyalty card fraud and payment card fraud increased by a collective average of over 700% as attackers lay the groundwork for holiday sale attacks ahead of retailer security crackdowns.
These types of attacks are correlated and spiked together because those parts of the website, applications, and associated APIs are related, especially as they pertain to attacks.
This insight shows that these retailers were not experiencing simple brute force-style attacks in isolation, but sophisticated attacks from adversaries displaying highly varied TTPs. Rising threat of trust-building account takeovers.
Most online retailers encounter attacks that employ standard well-known account takeover tactics that peak during the holidays.
Account takeovers increased a staggering 410 times for retailers in the second half of the period analyzed.
The report shows that many products were added to carts via automated tooling to volumetrically flood systems, purchasing as many in-demand items as possible, effectively cornering the market and preventing sales to legitimate customers.
Whether it's Taylor Swift concert tickets or the latest hot sneaker drops, bots are a massive problem for fans and retailers alike.
With attackers constantly refining their tactics and expanding their arsenal, the need for a vast, historical threat intelligence database and an expert team to decipher the rapidly evolving API threat landscape has become increasingly paramount.
Across their entire customer base, Cequence detected malicious traffic from 719 million unique IP addresses and 325 million malicious login attempts from June to November 2023, highlighting the scale of today's threats.
This Cyber News was published on www.helpnetsecurity.com. Publication date: Tue, 02 Jan 2024 05:13:06 +0000