Don’t go into mourning over Black Friday cyberattacks – stay alert and stay alive
JOHANNESBURG – Black Friday and Cyber Monday are an excellent opportunity for retailers to significantly boost their sales. These two days are typically characterised by frenzied purchasing, as discounts are often significant but quantities are limited.
By offering great deals retailers can entice customers into making purchases that they may not have otherwise, which is an attractive proposition in an economic downturn. However, it is the very frantic and fast-paced nature of these days, especially in the online retail space, that also make them prime targets for cybercrime activities. Shoring up cyber security is an essential step for any online retailer to ensure that Black Friday and Cyber Monday do not turn into a black 2020 for their business.
It’s all about speed – and this makes you vulnerable
Black Friday and Cyber Monday offer the promise of great deals that have a ‘once in a lifetime’ and ‘not to be missed’ appeal. This means that customers will buy quickly, often without too much thought, and the speed of this response is where one of the biggest vulnerabilities lies. Consumers who otherwise may have been more cautious can easily be enticed into clicking on phishing links because they get caught up in the hype. Communications can be hijacked and infected mailers sent out directing consumers to fake websites where their details can be stolen. This type of scam can have a significant impact on the reputation of the business and the trust that consumers have in them.
There is also the risk of a denial of service (DOS) attack, which effectively shuts down a company’s network and could negatively impact a retailer’s ability to respond to sales and deliver on time. The threat of DOS attacks can also be used by cybercriminals to blackmail retailers in an attempt to extract a ransom from them. DOS attacks have been gaining popularity again recently, as evidenced by the increasing number of attacks against government and municipal agencies, so this is a threat that cannot be ignored.
The threat is nothing new, but it pays to be prepared
Neither DOS attacks nor phishing scams are anything new, however, they remain popular methods of attack because they are simple yet effective. The usual controls must be in place in order to maximise security, including perimeter security, end point protection and advanced threat detection and prevention. Security awareness also plays a major role and is more crucial than ever around events like Black Friday and Cyber Monday. No matter how sophisticated a security system may be, human error can always result in vulnerabilities that can be exploited by those with malicious intent.
Education of users needs to be a priority, especially at this time of year, and all systems need to be up to date with the latest security patches and definitions. It is also wise to simulate an attack to identify potential weak points, including conducting infiltration testing and vulnerability scans as well as application testing. Having a plan in place in the event of a breach is also critical, since an alert is useless if no response is forthcoming.
When it comes to protecting your online business this sale season and beyond, the importance of security and education around the threat cannot be underestimated. Being properly prepared is crucial and teams need to be briefed and ready to respond. Cyber threats can potentially cripple a business not only on important sale days, but well into the future, and they should not be taken lightly.
Simeon Tassev is managing director and qualified security assessor at Galix.