Latest News

Akamai Report Finds EMEA Is Top Target for Retail Web Attack Cybercrime

Akamai Technologies, the cloud company that powers and protects life online, today released a new State of the Internet report that spotlights the increasing number and variety of attacks on the commerce sector. Analyzing Threats Trends in the Commerce Industry finds that commerce remains the most targeted web attack vertical, accounting for over 14 billion observed incursions globally and 4.6 billion attacks in EMEA.

In EMEA, retail is by far the most attacked sub-vertical of commerce, with Germany as the driving force behind this trend. There were several key factors that likely contributed to this level of attack traffic in Germany: the publicized support of Ukraine, the continued rise of LFI attacks (discussed in a previous Akamai report) that can lead to remote code execution and allow for network access and deeper breaches such as ransomware attacks, and the impact of negative social media campaigns.

Other key findings of Entering Through the Gift Shop: Attacks on Commerce include:

– Malicious bots are also targeted at consumers, and the report finds that between January 2022 and March 2023, the number of malicious bots attacking the EMEA commerce vertical reached nearly 835 billion

– LFI usage is more than two times higher than the next closest attack vector in EMEA retail (59%)

– Web application and API attacks on the commerce vertical in EMEA are the most prevalent, making it by far the top web attack vertical at 51%, with video media a distant second at 13%

– 51% of the scripts used by commerce organizations in EMEA come from third parties, which is substantially higher in comparison with the amount of third-party scripts used by other verticals (31%)

– In EMEA, the U.K. came second after Germany, with 397 million web attacks in retail

“By its very nature, commerce is the gift that keeps on giving to cybercriminals. It offers a treasure trove of sensitive consumer data that can get easily compromised as this industry is less well-regulated than others, but needs the same security maturity level. The situation observed within the commerce industry in Germany could be viewed as an indication of things to come — the potential for a perfect storm of factors to drive such spikes in attacks could happen to any country,” said Richard Meeus, Director of Security Technology and Strategy, EMEA, at Akamai. “Businesses should remain vigilant and protect their digital shop front so that consumers can enjoy a safe and bot-free shopping experience. And consumers should observe best cyber hygiene practices — strong passwords and regular software updates — to keep attacks at bay.”