What are client-side attacks?
Websites and web apps are exceptionally rich and immersive, providing users with incredible amounts of functionality. There are two main components to a website or app – server and client. The server side stores code and data and processes operations and requests. The client side is where the web app comes together and is rendered within a browser.
Traditionally, hackers have targeted the server side, employing methods designed to break in and steal assets stored there. Over time, however, organizations have leveraged origin-focused security products to safeguard data and assets. Hackers innovate and continuously move to exploit the point of least resistance. They have turned their attention to a different target: the application or web browser that runs on the endpoint or client. Hackers are exploiting client-side weaknesses to break into the customer journey and continue to siphon assets and data.
How a client-side online skimming attack happens
To carry out a client-side skimming attack, hackers inject malicious code into your site, or into code served by one of your third-party vendors. Those vendor scripts are often outside of your control, and an attacker does not need to infiltrate your servers to compromise them and complete a successful exploit.
The browser is the client
Approximately 50 percent of the world’s Internet traffic is delivered through a web browser. When a user is accessing a website, they will often use a web browser on a computer or smart device. In most instances, website code written by developers is delivered from servers down to the client. The browser interprets and runs this code to deliver the experience when the user accesses the website. When visiting a website, you see text, pictures and videos and have the ability to create accounts, browse catalogs, customize products, make purchases and more. Much of the website functionality relies on browser capabilities.
“There is usually no guarantee that the code hosted at the third party will remain the same as seen from the developers and testers: new features may be pushed in the third-party code at any time, thus potentially breaking the interface or data flows and exposing the availability of your application to its users/customers.”
Common types of client-side attacks
The hacker group Magecart made its name after finding vulnerabilities in the Magento component used by thousands of online stores. By inserting malicious code into the library, the attackers caused it to cascade throughout Magento-powered websites, siphoning payment data when users visited online stores and entered credit card details. Today, this technique is used across all industries to target vulnerable third-party technologies.
Web skimming is one of the most prominent client-side attacks. A 2021 analysis by Ensighten suggests that 80-90 percent of organizations across industries are susceptible to web skimming. Web skimming is an attack that specifically targets organizations with the goal of stealing personal and financial data, and it is behind the theft of hundreds of thousands of payment and PII data records.