Without even realising it, the days of Ramadhan have continued to roll over and Eid-ul-Fitr is already in plain sight. This period can be interpreted as the peak season this year for e-commerce platforms. As in previous years, Eid will drive a significant growth in demand for e-commerce platforms.
However, once again, the issue of cyber security and customer data leaks remain a threat that could potentially erode e-commerce platform sales at the height of Eid. Recently, Indonesia was shocked by the customer data leak case of one of the largest e-commerce companies in Indonesia, where the hacked data of some 91 million customers was sold online.
Such cases again raise concerns that require special attention, particularly for organisations that focus their business on digital platforms. By managing business lines and dealing in e-commerce, digital-based corporations do indeed receive personal customer details. And of course, customers trust that important data to be kept safe and not to fall into the hands of the wrong people.
If that trust is broken due to data leak incidents, the brand image of e-commerce companies will automatically be affected, thus potentially leading to a reduced sales performance. On that basis, e-commerce businesses need to be aware of these five threats and take appropriate action to protect customer data as a matter of urgency.
Malware is consistently at the top of the list of e-commerce problems when talking about cyber threats. This is a major concern for e-commerce businesses and must be taken seriously. Malware can lurk in the background of e-commerce computer systems and steal personal customer data. As a result, e-commerce businesses can be forced to deal with lawsuits of up to billions of rupiah. One of the best investments against malware is to use the latest generation firewall and advanced protection to protect customers and e-commerce businesses.
Emails that look like they aren’t problematic can in fact be ‘Trojan horses’ that trigger viruses and allow cyberattacks to disable security systems and enable access to customer funds or data. There are many ways to prevent this, starting by always using a domain email and installing an effective firewall. But e-commerce businesses must always be open to new innovations in must-know security solutions, and periodically provide advice on security best practices to their employees. Cybercriminals are getting smarter, and so a phishing email could be a sham without you even realising it. For example, an employee could easily be tricked into opening dangerous emails if they are not provided with the proper training and support of appropriate security software.
- Software vulnerabilities
Many businesses rely on open source software for their cybersecurity. This provides more benefits when viewed from a business perspective, and generally the services provided can help companies ensure they are protected. However, don’t be fooled. There are big risks at play here. Using open source software can have fatal implications. Once a hacker or a cybercriminal discovers a system’s vulnerabilities, they can attack the business as a whole. This can occur especially if software is not updated regularly. In addition, hackers can also easily access personal data if the cloud is not secure. Security vulnerability assessments are a solution that need to be implemented by e-commerce to prevent these cyber issues from happening. Known as a vulnerability analysis, this is the process used to find and identify any defects (vulnerabilities) in the level of cyber security, especially in regards to networks and infrastructure. The vulnerability assessment helps businesses determine any vulnerabilities (such as coding bugs, security holes, etc.)
E-skimming refers to the cyber attack method of stealing personal data, such as credit card information, from payment process pages on e-commerce sites. This is a significant security risk in e-commerce, where cyber attacks look for e-commerce site vulnerabilities, then create a “path” on the site so that every visitor who accesses the e-commerce site will be directed to a platform prepared by hackers.
This method allows hackers to capture shopper data and payment information in real-time, as soon as customers access the payment page. To avoid this, make sure your website is secure, remind customers to never enter their details on an unverified website, and ask them to check whether the payment page is genuine or not.
- DDoS attacks
If phishing is a passive approach, e-commerce sites frequently experience direct DDoS attacks. A distributed denial-of-service attack, better known as a DDoS attack, is a cyberattack from several computer systems that target a server, causing the amount of traffic to become too high, which then hinders the server’s ability to handle incoming requests.
Such attacks would certainly be very detrimental to e-commerce businesses, especially in the lead up to Eid, as they cause a drop in server or computer performance, sales websites cannot be accessed and stop functioning, and some features in the server can be lost. This occurs as the attack sends hundreds of thousands of pieces of spam at the same time to the e-commerce company server, hampering server performance. In some cases, DDoS attacks can even damage a server to a point where it is beyond repair.
As cyberspace crime trends continue to increase and pose a serious threat to e-commerce, tactical, and strategic steps need to be taken to protect businesses and employees. The aim is to protect the business’ reputation, its customers, and of course the e-commerce business itself. Investing in cybersecurity is one of the wisest business decisions that e-commerce can make, especially at the height of a busy season such as Eid.
Telkomtelstra Managed Security Services boasts years of experience with the support of a number of experts in managing various cyber security challenges for a number of companies in Indonesia. Telkomtelstra understands the most effective and cost-effective ways to assist e-commerce businesses. As a result, e-commerce platforms can be proactive rather than reactive, and ensure that e-commerce businesses have the best cybersecurity.(*)