Black Friday and Cyber Monday have become two of the most important sales days of the year for retail companies, that can make or break the yearly figures. Cyber criminals take advantage of these holiday sales days in a different way - targeting websites at the time of peak demand. Security teams are stretched to their limits and attacks can be hidden more easily and networks can be accessed unnoticed. DDoS can be used either as a ransom i.e. “Pay up and we’ll stop” or as a smokescreen - while you’re busy focusing on the loud, volumetric attack, they sneak in the back door, installing malware to steal your data.
If your website is unable to handle a DDoS attack and your business went offline, what would your customers do? They wouldn’t be able to access your services and applications such as payment platforms would be down. If you are lucky they might wait for a few hours, but most likely take their credit card and go to someone else. The commercial losses and impact on reputation could be severe for a retailer.
But Black Friday should be an opportunity not a threat, so what can businesses do to protect themselves and prepare for peak sales period? Understanding the risks and evaluate is a start; what is your exposure and what would the consequences be if taken offline. Having systems in place to identify anomalous behavior will help you take action in mitigating malicious traffic, and web application firewalls (WAF) can stop attempts exploiting vulnerabilities.
Last year we wrote a blogpost about protecting a website on high traffic days and the challenge discerning friends from foes. From a network perspective, access to your web page, downloading of a file, and so forth look the same no matter the source. So how do you distinguish a botnet accessing your website from 10 000 compromised hosts, from 10 000 real customers with credit card in hand? Read that blog post here.