Many people today shop online because of the convenience, and e-commerce store owners are profiting nicely because of this. However, many of these entrepreneurs haven't bothered to get insurance because they haven't thought through the liability risks they are facing. E-commerce sites use shopping cart software that handles customer credit card information. This presents a tempting target for hackers since many would like access to this data.
There are a number of ways that hackers can gain access to an e-commerce site. E-commerce sites generally use content management systems that are in common use and therefore are well known. This means that hackers know all about them as well. Hackers can form a kind of community that shares information with its members about hacking techniques that they've found effective against well-known content management systems.
All content management systems have their security vulnerabilities. Although these are patched up as they are found, the hacking community is talented at finding new security holes, which they may share with each other. To get an idea of how often these holes are discovered, take a look at the revision number within your content management system. Many of those revisions were security patches.
Methods used by hackers to get into content management systems include:
- Exploiting security vulnerabilities in e-commerce sites that use well known themes.
- Exploiting vulnerabilities in commonly used plug-ins.
- Brute force attack, which is where automated software attempts to log into your site by making thousands of user name and password guesses. This happens continually, every day of every week without your knowledge.
In addition to your content management system, attacks can also be directed against the server that hosts your e-commerce site.
If a hacker should ever gain access to the credit card data of your customers and use it, you will likely be facing lawsuits from many of these customers. Cyber liability insurance generally covers defense and liability costs arising out of unauthorized access or use of your customer's data, along with litigation due to intellectual property infringement, virus transmission, identity theft and any other problem caused by your site or services and passed on to your customers via the Internet.
Other covered expenses include forensic costs for determining the extent of the data breach and expenses due to crisis management, remediation, business interruption and notification of everyone who might be affected by the data breach.
Consider yourself lucky if your e-commerce site hasn't been hacked yet, because this is a very common occurrence. Get cyber liability insurance before it's too late.