Online retailers are planning for a big Black Friday – but so are cybercriminals. In this article, Link11’s Security Operations Center describes how retailers can keep their websites safe
Black Friday and Cyber Monday are highlights on every retailer’s calendar, and this year consumers across Europe are expected to spend record amounts – especially in the UK. Research published by Statista predicts that UK shoppers will spend over £7.5 billion between November 27th and 30th. This may be the highest spending in Europe, nearly 21% more than in Germany (£5.9 billion, the second-highest) and more than the combined sales in France, Spain, the Netherlands, and Belgium.
But retailers and consumers aren’t the only ones preparing for Black Friday weekend. Cybercriminals are getting ready to snatch their share of the spending, using extortion and blackmail techniques to target online sellers. As a cautionary measure, the British National Cyber Security Centre issued a retail security alert ahead of the Black Friday sales. The German Federal Office for Information Security (BSI) also publishes regular warnings that “on high-turnover days in the e-commerce sector, the dangers posed by DDoS attacks are particularly high.”
The motives behind these attacks range from senseless vandalism to blackmail and eliminating competition. Whatever the motive, the results will be the same: retailers that can’t defend their websites and systems against DDoS attacks risk losing both revenue and reputation during this lucrative shopping period. A website taken offline by an attack will be a revenue-loser because customers will shop elsewhere, possibly leading to long-term brand damage. This is why retailers fear DDoS blackmail.
Making matters worse, cyberattacks are relatively easy for criminals to procure. Almost anyone with the means to pay (usually with stolen credit card details) can order a DDoS attack capable of taking down even a major e-commerce site. DDoS-for-hire services offer attacks of over 10 gigabits per second (the average business has an Internet connection of less than 100 megabits per second) for a modest fee (around $10 per hour of attack).
In the past few months, the Link11 Security Operations Center has registered an increase in large-volume DDoS attacks. Since the publication of the Link11 DDoS Report, attacks of several tens or even hundreds of Gbps have become the new normal and are no longer the exception. The average attack bandwidth remains high, at 4.1 Gbps.
It’s worth noting that during busy periods, it’s not necessary to launch a large-scale attack to overload and crash a website. The volume of ordinary traffic alone can result in long page-loading times, timeouts, and error messages, even without malicious interventions. As such, an attack with a bandwidth of just a few Gbps can be enough to cripple a site.
Because it’s easier for criminals to launch damaging attacks, retailers are increasingly challenged to identify and put in place resources to successfully ward off those attacks. Conventional best practices for doing this include:
However, these measures are time-consuming and costly to plan and implement. Also, deploying additional bandwidth often results in an ‘arms race’ between businesses and criminals – and the criminals usually win, simply because they can scale their attacks far more rapidly than businesses can scale their traditional defences.
As a result, retailers that want to avoid Black Friday weekend blackouts should concentrate less on expanding their bandwidth and server capacities, and more on preventive security measures based on always-available, massively scalable, cloud-based DDoS protection. This approach reroutes all traffic headed for the organization’s website through an external, cloud-based protection service, so that the website only receives legitimate, clean IP traffic. Potential attacks are nullified before they can impact the retailer’s e-commerce operation – ensuring a successful Black Friday weekend without DDoS-induced blackouts.