A classic example was a Magecart group’s compromise of Inbenta Technologies’ natural language processing software used to answer user questions by UK-based ticketing website, Ticketmaster.
As a result, Ticketmaster is facing a £5m lawsuit on behalf of Ticketmaster customers targeted by fraud as well as a potential GDPR fine by the Information Commissioner’s Office, which is yet to publish the findings of its investigation.
A data breach at British Airways linked to similar tactics potentially by a Magecart group resulted in the Information Commissioner’s Office announcing in July 2019 that they are considering a fine for the company of more than €200m.
According to security researchers, the breach of Ticketmaster customer data was part of a larger campaign that targeted at least 800 websites.
This is a major problem for retailers, with an Akamai tool called Request Map showing that more than 90% of content on most websites comes from third-party sources, over which website owners have little or no control.
These scripts effectively give attackers direct access to website users, and once they are loaded in the browser, they can link to other malicious content without the knowledge of website operators.
Current web security offerings are unable to address and manage this problem, and a Content Security Policy (CSP) alone is inadequate to deal with potentially thousands of scripts running on a website. Akamai is therefore developing and bringing a new product to market that is dedicated to helping retailers reduce the risk posed by third-party links and elements of their websites for things like advertising, customer support and performance management.
The new service dubbed Page Integrity Manager has completed initial testing and is now entering the beta testing phase with up to 25 volunteer customers with a range of different data types.
Get access to the whole body of KC PLUS research including Leadership Compass documents for only €800 a year
Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.
AI for the Future of your Business: Effective, Safe, Secure & Ethical Everything we admire, love, need to survive, and that brings us further in creating a better future with a human face is and will be a result of intelligence. Synthesizing and amplifying our human intelligence have therefore the potential of leading us into a new era of prosperity like we have not seen before, if we succeed keeping AI Safe, Secure and Ethical. Since the very beginning of industrialization, and even before, we have been striving at structuring our work in a way that it becomes accessible for [...]