The holiday shopping season kicks off tomorrow. There will be a notable spike in holiday shopping as people across the country rush to take advantage of the deals and bargains available on Black Friday and Cyber Monday. For retailers, it is a double-edged sword, though. It is a fabulous time of year for sales and revenue, but unfortunately it comes with a significant increase in risk and challenges for cybersecurity as well.
Cybercriminals know how to exploit the holiday shopping season to increase their own revenue as well. The dramatic spike in online traffic and sales makes it easier to blend in undetected. At the same time, many employees are off for the holiday and tend to take more vacation time through December to spend time with family, which means that even if a security and fraud detection system is in place, it will take DevOps and security engineers that much longer to analyze the alerts and decide if they present a real threat.
There are automated tools to detect and block suspicious or malicious activity, but retailers can’t afford to block every IP address that might be flagged as a potential problem. Most detection systems are highly inaccurate, and the transaction may actually be legitimate. In addition, shoppers coming from mobile devices may be sharing an IP address for many of the users in the same areas, which means that blocking that specific IP address may also block access to dozens—if not hundreds—of other shoppers. A cyber attack is bad but blocking or rejecting a legitimate transaction is as bad or worse.
“Web applications and ecommerce sites are at risk of cyber attack year round,” stressed Ivan Novikov, CEO of Wallarm. “However, the risk increases significantly during the holiday shopping. Overwhelming network demand and the focus on maximizing sales make it more challenging for organizations to effectively detect, identify and stop attacks.”
What can retailers do to effectively protect against these threats? Here are four things to do to prepare for the holiday shopping season:
Conduct a security audit of all your systems where customers will shop and transact and where ecommerce stores are implemented ahead of the Black Friday and Cyber Monday rush. Make sure your platforms such as WordPress, Joomla, and Drupal—as well as any and all containers under them—are fully patched.
Verify configuration of external services and APIs—especially for third-party payment services like Stripe and Braintree. It is very easy to misconfigure authentication and data protection settings.
Most ecommerce attacks are driven by hijacking legitimate accounts—either through phishing attacks, or by guessing passwords or substituting a password from one of the known caches of stolen passwords available on the dark web. Legitimate accounts have established patterns of access and usage and there are automated tools, such as Wallarm, to detect anomalous activity and protect against behavioral attacks like that.
Suspicious or malicious activity is almost constantly present. There will be even more on Black Friday and Cyber Monday, but you can’t treat it all the same. It’s crucial to filter the attacks by risk to resolve issues most effectively. In situations where hackers become more active and DevOps resources are limited, it is important to focus the attention on the attacks that either have the higher potential impact or specifically target your sensitive or important assets. You can prepare to evaluate the risk of attacks in advance either by deploying cybersecurity tools that classify the risk of attacks or creating scripts that can help highlight attacks that are of the more critical nature.
Black Friday and Cyber Monday will bring a dramatic spike in sales and revenue, and a massive increase in cyber attacks as well. If you follow the tips here and prepare your network security, you can get some peace of mind, enjoy the holiday season and spend time with your family too.