Monthly bot attacks on e-com sites grew 13%, DDoS jumped 2x in Sept 21: Report

Cyberattacks, involving bots, on e-commerce sites have seen a stark growth in 2021 in comparison to last year.  

According to Imperva’s report titled ‘The state of security within e-commerce’, bots have become significantly more sophisticated, hence avoiding detection by simple safeguards found in most e-commerce platforms.  

This has contributed to a 14 percent monthly bot attack growth on e-commerce sites over 2020, headlined by a striking 200 percent spike in DDoS attacks in September 2021 – ahead of the peak-traffic festive season. 

The report further says, while 33 percent of all e-commerce cyberattacks were due to bots in 2020, this has jumped to 57 percent in 2021.  

The cumulative rise in automated cyber attacks can be credited to the growth of sophisticated bots on e-commerce platforms, which have grown both in volume and quality of operations in 2021. Such bots have become more effective at replicating human behaviour indicators such as the nature of clicks and mouse movement – therefore becoming increasingly more difficult to detect. 

In terms of the nature of attacks on e-commerce sites, data theft ranked as the most prevalent form of cyber attacks enforced through bots, followed by targeting of saved payment information and stealing of loyalty and reward points. 

Even more interesting is Imperva’s data set on account takeovers by bots, which reportedly formed a striking 32.8 percent of all login attempts across the ecommerce sites that it mapped. 

This further reflects on the vulnerability of user account information, and the need for everyone to set up as many security measures as possible.

Finally, the Imperva report states that 2021’s rise in DDoS attacks have been starkly higher than other years during the peak festive season traffic on e-commerce sites. 

In September 2021, DDoS attacks reportedly grew by 200 percent over the previous year, which is being attributed to the rise of more sophisticated botnets such as the Russian Meris botnet.  

The latter has been previously reported to be among a new generation of sophisticated botnets – previously reported to have generated as many as 21.8 million requests per second. 

The full Imperva report on the state of cyber attacks in the e-commerce sector can be read here.