CFOtech Australia - Technology news for CFOs & financial decision-makers
Australia
Guides
#
big data
#
business intelligence
#
cybersecurity
#
digital transformation
#
work from home
Search
Story image
#
Advanced Persistent Threat Protection
#
Cybersecurity
#
Digital Transformation
Rise in 'bad bot' cyber attacks threatening Australia's retail industry
Thu, 16th Nov 2023
Author image
By Catherine Knowles, Journalist
Follow us

In a recent publication, cybersecurity leader Imperva has analysed the situation of cyber threats affecting eCommerce websites and applications. They found that Business Logic Attacks (BLAs), conducted by sophisticated 'bad bots', made up 66% of all online attacks on retailers in Australia.

These types of attacks pose a significant threat to Australia's retail industry because the main focus of business logic attacks is to abuse API connections, Imperva states.

An increase of 118% YoY was observed in the occurrence of Business Logic Attacks on eCommerce sites. Attackers' main objective in BLAs is to exploit business logic and manipulate pricing or gain access to restricted products. In the past year, these attacks represented the majority of all attacks against Australian retail websites. The spike in these attacks is almost 30% higher than the global average, which sits at 37%.

Imperva's 2023 Bad Bot Report highlights bad bots manipulating business logic as a main form of API abuse. In fact, 17% of all attacks on API come from these malicious bots.

The most substantial challenges in countering these threats come from a lack of pattern in the attacks and the inability to enforce a generic rule to guarantee the security of all application and API deployments.

"The digital transformation of Asia's retail sector was accelerated by the pandemic. However, the diverse markets, complex supply chains, and varying cybersecurity readiness levels within the region have made Asian retailers particularly susceptible to these increasingly complex security threats," commented George Lee, Senior Vice President, Asia Pacific and Japan at Imperva.

He also expressed concern over the rise in bot sophistication, as this new breed of automation can compromise APIs and user accounts, directly affecting retailers' year-end sales and ultimately their profits.

Increased sophistication in bot technology is a cause for concern, with over 60% of automated traffic in Australia made up of dangerous bots. One particular category of harmful bot known as Grinch bots often cause disruption during holiday sales events.

Grinch bots purchase the most sought-after items to resell them at a higher rate in demand periods. This year, there has been a sixfold increase in the number of Application layer DDoS attacks on retailers aiming to disrupt applications or take them offline.

The threat of cyber attacks on Australian online retailers also looks to rise with the incoming 2023 holiday shopping season. A significant surge in Business Logic Attacks occurred in Australia from September 3, indicating that these automated attacks may continue through Black Friday and Cyber Monday.

Retailers are advised to be particularly vigilant against Grinch bots during these high-sale event days, as there is already a fifteenfold increase in the number of application layer DDoS attacks compared to last year, Imperva states.

Related stories
Top tips for renovating your revenue management function in FY2025
Global CIO study shows AI adoption is a pressing issue
How to ensure your finance transformation project is an unqualified success
Hyland pioneers AI updates for increased efficiency & automation
Alcatel-Lucent Enterprise launches Purple on Demand in Asia Pacific
Top stories
Australian businesses fast-track Microsoft cloud adoption amid cyber threats
Zscaler introduces enhanced ZDX service for improved IT operations
The importance of cybersecurity training for software developers
Australian emergency services struggle with mobile tech failures
Dropbox unveils new features for remote work, enhances Microsoft integration