Revitalising E-Commerce Sales Through Cybersecurity

Recent news reports indicating that retail sales dropped again in June were a sobering reminder of how the Great Recession has crippled conventional stores. There were thousands of store closures and numerous bankruptcies among retail chains in 2020. However, there is one place where retail is booming, and that is online.

In an interview with David Ng, Trend Micro’s Country Manager in Singapore said that web-based business is exploding and according to Gartner, by 2023, online sales will account for more revenue than any other market channel. Although e-commerce was already the internet’s prominent participant in 2020, its rapid growth during the pandemic makes this outcome very predictable.

The success of online shopping is predicated on cloud-based databases that are hosted by industry leaders like Amazon Web Services, Microsoft Azure, Oracle, and Google Cloud. These businesses facilitate the growth of e-commerce by providing accessible, scalable, fault-tolerant, feature-rich platforms with high availability.

The cloud is having a profound impact on the e-commerce industry in several significant areas, including:

• Scalability – The public cloud ensures an increased technical capacity every time, without disrupting the user experience.
• Speed – One in two visitors abandon a website that takes more than six seconds to load. This is where the cloud can contend with the statistics by providing powerful cloud platforms with immense speed for e-commerce sites.
• Security – The cloud has enabled online players to better secure sensitive data generated every day from customer data, sales and inventory movements through firewalls and encryption.

E-Commerce is Flourishing but so are Cybercriminals
One of the greatest challenges faced by the e-commerce sector is cybercrime. Every year, online identity theft costs victims millions of dollars and the loss of valuable personal information. The prevalence of cybercrime presents obstacles to the development of the e-commerce sector. The methods used in cyber-attacks by criminals are becoming increasingly creative and sophisticated with each passing day. Thus, what are the most common methods used by cybercriminals to disrupt online marketplaces?

David Ng shares some of the key tactics used by cybercriminals which include:

• Phishing Scams – Content masked to look like legitimate emails, instant messages, or social media posts but are essentially a luring mechanism to encourage users into sharing personal information.
• Spoofed Messages – Scammers send unsolicited spoofed messages through e-commerce platforms, offering job opportunities to help merchants boost sales.
• Malvertising – Malicious advertisements that are used to target online shoppers by giving invasive ads, designed to bombard users on legitimate websites in the form of banners or pop-ups and divert them to fraudulent sites.
• Spam/Junk Mails – Marketing communications that hype up big bargains, sales, and discounts that hackers use to trick customers into clicking malicious links that could lead to phishing sites.

Stopping the Rise of Cybercriminals: A Collective Work
Ng said “When it comes to cybersecurity, we always see it as a shared responsibility. While online shoppers need to be wary and take their own precautions, companies also need to play their part to prevent data breaches.”

There are a few ways that companies can ensure safe e-commerce transactions and protect themselves from a data breach, including:

• Using Secure Sockets Layer (SSL) encryption for data transmission to protect valuable information from being stolen.
• Use a secure cloud-based point of sales system.
• Selectively collect customer data.
• Implement multi-layered security through virtual patching.

Other best practices that businesses can adopt to better protect themselves include:

• Limiting or restricting access to personal information.
• Destroying any confidential data prior to disposal.
• Updating security software regularly.
• Communicating and training employees on cybersecurity best practices.

Are Advanced Security Technologies Becoming More Accessible?
Managed Detection and Response (MDR) and Extended Detection and Response (XDR) are two examples of threat monitoring and response methods that aim to solve the most critical problems faced by enterprises and cybersecurity professionals. A persistent lack of cybersecurity talent is one of the main problems companies face today. When asked about how well prepared their teams are to handle a cybersecurity issue, 59% of respondents in a poll conducted by the World Economic Forum reported feeling unprepared.

Competent bad guys are hiding in the shadows of this skills gap. In a company, stealthy threats might lie in plain sight in the cracks of the company’s various security systems and software. In response, overworked security experts look into potential dangers from increasingly distant vantage points. Long-term, this will not work out well or even be sustainable.

Threat monitoring and response capabilities, along with other cutting-edge security technology, exist solely to make it easier to find and eliminate threats. It simplifies the analysis of risks and the provision of solutions based on the insights provided, therefore aiding IT professionals in their fight against cyber threats.

To aid customers at every stage of their digital transformation journeys, today’s security products, like threat monitoring and response systems, are user-friendly, powerful, and straightforward. These platforms are simple to adopt and incorporate into pre-existing workloads since they can be integrated into an organisation’s existing IT management system. To give just one example, Trend Micro’s Vision One XDR platform requires no installation. This means it can automatically include telemetry from new and existing sources with no user configuration or tweaking required. Therefore, it is simple to apply such technologies.

Businesses should consider spending money on such technology to be an investment. Cost savings in numerous areas, such as breach risks, threat detection and response, and the total cost of ownership of legacy security tools, have been demonstrated by today’s security solutions, which can save thousands of person-hours annually on security administration.

Every company, no matter how big or little can benefit greatly from using such resources. Such platforms can be a game-changer for smaller businesses that have little or no dedicated cybersecurity resources. Managed XDR services allow such groups to outsource their company’s threat management and response requirements.

Trend Micro: Assisting ASEAN With Secure E-Commerce
“Trend Micro has always been committed to supporting our customers, both within the e-commerce space and beyond. Take for example the recent Log4j incident in December 2021, where a high severity vulnerability dubbed “Log4shell” was discovered. Retail organisations, including e-commerce customers, were among the top Trend Micro customers impacted by the vulnerability,” said Ng.

However, being forward-driven, with Zero Day Initiative and threat research capabilities, Trend Micro was able to quickly chart the spread of Log4j and discover a new Denial of Service vulnerability, which was quickly patched before massive damage was done. Trend Micro also introduced a free assessment tool designed to root out instances of unpatched Log4j across its customers’ IT environment. Log4shell vulnerabilities are very dangerous – there are multiple attack vectors involved and the vulnerability can lead to remote code execution, allowing actors to install malicious code on an affected machine to launch a range of attacks.

“Beyond this, we are also determined to help e-commerce customers level up their cyber resilience. For instance, we supported a global e-commerce giant to improve visibility across assets, better manage risks and the attack surface, and ramp up their cloud security as they accelerated their cloud journey. As an organisation committed to making the shopping process easier, moving to the cloud was imperative – and Trend Micro’s sophisticated cloud security solutions helped them to do with ease of mind that their cloud environment is looked after,” Ng added.

Another area that Trend Micro is focusing on is helping its customers build cyber resilience in their supply chain with detection and response capabilities. Trend Micro Vision One solution and Managed Detection and Response services provide the customers with 24×7 threat monitoring to ensure immediate response when an incident happens. In addition to providing greater visibility into their security postures, customers are able to detect, investigate, prioritise, and respond to threats much quicker.

“During the peak of the Kaseya ransomware incident, for example, we were able to alert one of our customers about ransomware detection and quickly block the ransomware before damage could occur. We are constantly innovating to deliver our customers the best tools to stay ahead of the bad guys,” Ng concluded.