The furniture dealer's website is not accessible, only a confusing combination of numbers appears on the screen. What has happened? The online platform was paralysed by hackers who are now demanding a ransom - otherwise the site will remain unreachable. A nightmare in e-commerce, because every minute orders are lost.
It is not at all unlikely that something like this will happen: In recent months, cyber attacks on businesses, and especially on online commerce, have been on the rise. This is partly due to the growing popularity of online shopping, but also to the increased vulnerability of systems.
Facts speak a clear language
The facts are clear: the threat of cyber attacks has long been omnipresent and affects all industries. The development in e-commerce is particularly worrying: according to a study by Netscout, there were more than 5,500 attacks on German online trading platforms in the second quarter of the current year.
This represents an increase of 74 per cent over the same quarter of the previous year. Another aspect: companies are flooded with spam mails just like private individuals. According to the IT security specialist Trend Micro, the networks were mainly burdened with spam around Covid-19.
The types of cyber attacks
There are various threat scenarios: Recently, the so-called DDos attacks have increased. The abbreviation DDoS stands for Distributed Denial of Service - an IT infrastructure is deliberately overloaded so that it functions only to a limited extent or not at all. In the case of a webshop, this could mean that it no longer works. This type of cyber attack is often based on attempts at blackmail.
Such blockades can be ordered relatively easily via dark channels. In most cases, the criminals and their clients cannot be located; after the attack, all traces are removed. Another variant: Malware known as ransomware is infiltrated into company networks and can completely paralyse them. In this case too, cyber criminals come forward and demand a ransom, usually in the form of the crypto currency Bitcoin.
One of the best known attacks in this area is the WannaCry program, with which computers around the world were infected three years ago. So-called Bad Bots - programs that independently cause trouble on the attacked websites - also behave in an underhanded manner. By asking prices, leaving spam comments and carrying out supposed transactions, they can affect the performance of the websites or even paralyse them completely.
The furniture industry is undoubtedly also affected by this development: online platforms are increasingly being targeted by cybercriminals. If an attack is successful, it can have far-reaching consequences: Customers cannot access the website for hours or days or important data such as payment details are stolen.
Handling is difficult because, on the one hand, customers should be offered a good shopping experience, but on the other hand, not everything should be allowed for security reasons.
What can companies do?
First of all, the appropriate attitude is needed: IT security should be a central issue in digitisation and e-commerce. However, not only appropriate hardware and software is needed, but also training. After all, the biggest weak point is by no means computers or networks, but people: Negligent handling of passwords, opening suspicious mails and data or lack of knowledge of the threat can have far-reaching consequences.
Home office as a risk factor
Apart from online platforms, other company structures are also exposed to a greater threat. In many companies, employees currently work in the home office - and there, protection is often not at the level that is taken for granted in the office. Because data must be accessible from outside, the gates of entry into sensitive company networks open up for crooks.
Experts recommend constantly monitoring data traffic and identifying possible weak points in good time. In addition, employees need to be informed more precisely about dangers; the IT infrastructure in the home office must also be adapted to the new conditions.
A particularly perfidious scam is the so-called CEO Fraud. This involves persuading company employees to transfer sums of money to foreign accounts. The fraudsters pretend to be superiors and have informed themselves in advance about internal company procedures.
A number of companies in Germany and Austria have been affected by this recently, but such incidents are often kept quiet. Cyber attacks have long since become a potential danger for every company.
Author: Robert Prazak