Page 25 - index
P. 25
How eCommerce Uses Cyber Defense
For businesses that sell online, cyber defense is obviously a primary concern. By now, most
customers know to use strong passwords and to change those passwords frequently. But what
are eCommerce businesses doing to get ahead of ever-evolving digital threats? As the systems
and strategies of their attackers change, so should the industry's defenses.
Cyber Attack Data Sharing: The NATO
Mutual-Defense Model
In 2014, Computer Weekly reported that the
North Atlantic Treaty Organization (NATO)
was amending its longstanding mutual-
defense policy to include cyber attacks. The
organizing principle of NATO's mutual-
defense arrangement is that when a group or
country attacks any one of the 28-nation
partnership, the other 27 countries are
expected to come to that country's defense.
Image Courtesy of Shutterstock
Now, when a member nation is the target of a digital attack, the rest of the group will likewise
rush to its aid with "training, education, exercises, malware intelligence sharing, early warning,
and incident response."
This all-for-one defense policy isn't just for global political organizations like NATO — the
eCommerce industry can apply the same lessons. Facebook's ThreatExchange program is
based on the concept that, since cyberattacks are often launched simultaneously against
multiple targets in the same industry, all businesses "share in each other's fate." The cyber
attack data-sharing initiative is based on the idea that when more companies share attack data,
things will be harder for attackers. This is especially important because the success of so many
eCommerce sites, such as Shopify, are directly connected to their presence on Facebook.
DDoS as the Preferred Weapon: When Videos are Truly Viral
In 2014, the eCommerce security world was shaken to its foundation when a B2B site was
crippled with a distributed denial of service attack. DDoS attacks are nothing new, but the
vehicle used to launch the intrusion is what made this attack stand out. The attackers used a
viral video from a popular video-sharing site to exploit a persistent cross-site scripting (XXS)
25 Cyber Warnings E-Magazine – May 2015 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
