Start-rite, a children’s footwear company with over 200 years of retail experience has been trusted by generations of parents. Its patrons include three generations of the Royal Family.
30% of Start-rite customers are now first time buyers, reflecting rapidly changing buying habits and an increase in online industry purchases, So no chances can be taken with online security in such a highly competitive sector.
Where there was one main competitor in Clarks, now multiple entrants are in the market.
While, heritage, style, and the quality of Start-rite shoes are still central to its success, the company has undergone a period of change with its online shopping experience and security being very much part of its forward-thinking business strategy.
The First Attacks When Start-rite’s website was hacked in July 2016 the retailer was instructed to carry out a PFI (PCI Forensic Investigation) by VISA. It partnered with Foregenix, which provides cyber security consultancy and software solutions, to tackle the effects of the breach and develop a robust cyber security strategy. With an extensive retail background Foregenix remediated the situation and ensured Start-rite was protected from the threat of further breach and data loss.
Start-rite began tackling website attacks by using its all in one security solution, FGX-Web, which detected and mitigated a further attempt of a breach over a year later and prevented the need to conduct a further costly PCI Forensic Investigation.
Malicious Requests In October 2017, Start-rite experienced an extensive attack on its website. The attack was so large and persistent that it accounted for a third of its total malicious requests since FGX-Web’s deployment in February.
Such an attack would normally have a negative impact on server response times and website performance. However, FGX-Web blocked all of the malicious requests and ensured there was zero impact on website performance and response times were completely unaffected. Server times
essentially govern how fast a website operates and an unusually slow response time could be an indication that a website has been compromised.
The attack forced traffic to spike to six times the businesses usual levels. The graph shown is taken directly from FGX-Webs telemetry. As you can see between 12:00 – 15:00, malicious traffic (in blue) rockets ahead of normal traffic (in green).
The Results With a combination of consultancy and a leading cyber security solution, Start-rite has developed a secure online shopping space for parents.
FGX-Web provides the key security monitoring and protection to enable an ecommerce business to defend against online attacks. With real-time data analytics, FGX-Web provides clear risk profiling and security visibility across the e-Commerce environment. It provides deep security monitoring, detection
and protection against malware, such as web shells, backdoors, harvesting scripts, and other web-based attacks.
Since it’s deployment, FGX-Web has protected Start-rite from 1.3 million malicious requests. Despite an increasing level of attack traffic, Start-rite has been able to continue with business as usual. This is thanks to FGX-Web’s automated analysis, combined with the skill and experience of its Threat Intelligence Group.
The solution takes malicious requests that come from the same source; same target URL and same attack category (e.g. SQL injection or Brute Force Attack) and groups them together into one alert. 2700 incidents have been picked up to date and displayed on the Start-rite security dashboard.
"The online experience is an essential part of any business’ reputation, especially high-profile retail brands like Start-rite. Cyber security is about protecting both the seller and consumer," comments Foregenix CEO Andrew Henwood.