How to protect your e-commerce business from cybersecurity threats

The internet is home to the biggest marketplace on the planet. Millions of dollars in transactions are made online. However, as shopping has become more convenient, it has continued to attract the attention of hackers intent on stealing data and money. 

The moment you start accepting payments from customers, you become of interest to hackers. Having your customer’s personal details, let alone their credit card details stolen, is going to cost you – both in terms of your reputation in the public, and in financial compensation. 

IBM research suggests that even a small hack, where less than 10,000 records are stolen, can still cost as much as $2.1 million

Ebay and Sony both know how dangerous e-commerce cyberattacks can be 

If you’ve ever wanted to get a sense of just how much of a risk cybersecurity is, consider these two famous examples of e-commerce breaches:

Ebay: In 2014 eBay, then the biggest e-commerce platform in the world, suffered what was then the biggest-ever cyber breach. Hackers managed to walk away with 145 million instances of customer personal data. This included names, email addresses, birthdates, physical addresses and phone numbers. Credit card details were not taken, but in the right hands that was more than enough detail to commit identity theft. The company has continued on, but other platforms, such as Amazon, have certainly grown past eBay since.

Sony: Back in 2011, Sony suffered a catastrophic attack where 77 million customers were affected, including their credit card details. The hack attacked the popular PlayStation Network, where users entered their credit card details to purchase and play games. In addressing the hack, Sony needed to provide each affected consumer with credit security monitoring services, remuneration to those affected, and in total, beyond the reputational damage, this hack cost the company $170 million

Threats you need to look out for

Everyone imagines cybersecurity threats being teams of elite hackers conjuring a dark kind of magic through their frantic fingers. The movie industry creates this illusion, and it’s a dangerous one, because many of the real threats are positively mundane. Some of the more common examples of cybersecurity threats facing organisations with e-commerce platforms include:

1. Malware attacks
You need to make sure that your company’s computer systems are not infected by malware. If a hacker were able to get a piece of malware onto your computer, they could use that to siphon off the details of your clients when you view them, or simply get your admin login details and access to the entire database.

2. Vulnerabilities in technology platforms
One of the reasons you need to keep your operating systems and e-commerce platform up to date is to ensure any vulnerabilities are patched as they are discovered. If you use commercial software, the patches should come from the vendor, but if you use any custom technology or open-source platforms, you're going to need to have an IT team and cybersecurity specialists to keep an eye on this. 

3. Phishing and human error
One of the most common strategies hackers use is the simplest – use emails and other official-looking correspondence to try and get an employee at your organisation to provide them with data, login details, or to download a piece of malware. The only way to prevent this is to comprehensively train staff to watch out for warning signs they’ve been targeted with phishing attacks.

What can you do to protect your e-commerce business from cyberattacks?

There are a number of steps you can take to protect your business from the risk of cyberattacks. These include:

1. Using a secure e-commerce platform
It costs a bit of money to use, but if you invest in a secure e-commerce platform, you get access to two things. Firstly, a platform that has been thoroughly tested for security best practice, and secondly, a company with a dedicated IT security team that will continue to roll out patches and keep an eye out for vulnerabilities – you’ll have some security support that you wouldn’t have if you developed your own e-commerce platform.

2. Train your staff properly
The terrifying statistic is that in 12% of cases, people will click on a malicious attachment or link if the email is dressed up well enough so that it looks authentic. This is always going to leave companies vulnerable to having their customer data stolen, so be vigilant in educating and re-staff on security best practices, whenever they’re using a device that they also use for work. 

3. Invest in layered security
It’s not enough to have an antivirus on the computer. Modern security requires a multi-faceted approach to security. This includes firewalls, network security, two-factor authentication, and requires powerful passwords – both of customers and staff.

E-commerce cybersecurity requires consistent expertise

More than anything else, once you’re running e-commerce, you need to be vigilant. Just as your store is now up for 24/7, so too do you need to be aware that your environment can be compromised 24/7 and, if you are going to be hacked, it is so much better from both a cost and resolution perspective to be able to catch the issue early.

For more information on how to secure your e-commerce environment, contact the team at Kiandra IT.