Advertisement

The Holiday Selling Season: A Hacker’s Ideal Time For Attack

1 VP site only Radware headshotAs a retailer, the fourth quarter is the most critical revenue driver for your business. As you double down on your inventory, web site, Black Friday specials, and in store displays — you should also be doubling down on your network security.

E-Commerce sales are expected to reach nearly 80 billion U.S. dollars this holiday season, accounting for 9% of total U.S. retail sales, according to projections from eMarketer. That is a lot — A lot of sales, a lot of traffic and overall, a lot at stake.  For a hacker, this is an ideal opportunity to target your business, and take your site down when you stand to lose the most revenue.

Why? There are so many reasons why hackers attack, from pure publicity to plain vandalism. But for retailers, threats typically arise from competitors, angry users, ransom plots, professional hackers looking for financial gain and hacktivists who associate certain retailers with specific causes.  Whatever the motivation is, the end result is the same — they are all hoping to take advantage of this busy time, hoping you are distracted enough, to bring down or gain access to your network and applications. They are searching for that blind spot in your network — and they only need one — to impact your business.

Advertisement

Now consider the potential losses of your ecommerce site going down — even for just 15 minutes — on Black Friday or Cyber Monday. Research from Emulex shows that total damage from network outage and performance degradation is more than half a million U.S. dollars per hour. And this does not take into account the busiest time of the year.

Today’s hacker can sustain a DDoS attack for days. Radware is seeing more and more customers under weeklong, month-long and sometimes continuous attacks. In a recent study we conducted, nearly 20% of respondents told us they were under constant attack in 2014, a big jump from the 6% who reported constant attacks in the previous year. Are you prepared to detect and mitigate against sustained attacks during the holiday selling season?

Behavioral-Based Analysis: Not Just For Advertising

As retailers experience a significant traffic spike during the holidays, it becomes more challenging to detect cyber-attacks that target your applications. Most systems rely on a rate-based solution for detecting attacks, which simply means monitoring traffic volumes and detecting attacks based on traffic that goes beyond a certain pre-set threshold. This might be ok for normal days but during holiday seasons this type of solution can lead to one of two problems. If the thresholds are set to low, it will result in high false positives — you will detect the legitimate holiday season spike in traffic as malicious and block it. If the thresholds are set to high, both holiday traffic and malicious traffic will be able to get through into your network, resulting in high false negatives.  In both cases, once traffic reaches a certain thresholds it is blocked — so both malicious traffic and legitimate user traffic are blocked from entering your system. Obviously, blocking legitimate users from entering your system during your busiest selling time is not good for the business.

This is why it’s important to look beyond rate-based solutions and consider solutions that can analyze the behavioral characteristics of the traffic to decide if it’s legitimate or malicious.  Such a solution goes deeper into the traffic characteristics — looking at rate but also rate-invariant and other aspects — to give you a higher quality of detection, limiting false positives and negatives.  When an attack happens, the behavioral-based solution can identify its specific fingerprint and block only the malicious traffic from entering your system and reaching your applications. So legitimate users are not impacted, they can reach the applications and make their online purchases.

Being Prepared Is Key

As you are preparing for the holiday season, you should consider these best practices to better protect your network against attacks:

  • It’s all about the basics: Making sure you are running the most up-to-date software across all your devices and have properly configured devices. Often times the blind spots in our network are right in front of us and can be prevented by a simple software update or installing the latest security patches for your systems.
  • The devil is in the details: Yes, it seems complicated but make an effort to understand how your security solution works today. What type of protection it provides — does it give you the quality of detection and mitigation you need to keep your business up and running during this season?  Will it be able to accurately differentiate between legitimate and malicious traffic? Will it block legitimate users from getting to your web site when you are under attack?
  • Get all your ducks in a row: Have a security response plan in place before the heavy holiday season starts. This includes a contingency plan. Educate and train your teams on the plan so they know what they need to do, what is expected and who to contact. Update all key personnel contact lists and whereabouts and make sure you have coverage over the holidays to deal with any threats and that your team knows who is on point.
  • Seek out external help to supplement your team: Identify areas where you will need help from a third party. Having a vendor to provide you with security expertise and services before, during and after attacks can make all the difference in your bottom line sales. Make sure to identify the right vendor for you based on your SLA needs and have the relationship set-up and ready-to-go before the season starts.

 

All of these will go a long way to help ensure you don’t open any doors for hackers — keeping your web site up and running and your customers happy. After all it is the most wonderful time of the year!

 


 

Shira Sagiv is the Director of Security Product Marketing at Radware. She is responsible for the positioning and messaging, launches, and all inbound/outbound product collateral for all security products. Prior to Radware, Sagiv spent 10 years at Microsoft HQ, in various senior product marketing positions including building Microsoft’s Security Response process and managing executive communications around the company’s security efforts. 

 

 

Feature Your Byline

Submit an Executive ViewPoints.

Featured Event

Get free access to tactical tips, invaluable insights, and deep-dive conversations that will help you hone your strategies for Q4 and beyond. That way, you can be sure to be on shoppers’ nice lists this holiday season…and all year long.

Advertisement

Access The Media Kit

Interests:

Access Our Editorial Calendar




If you are downloading this on behalf of a client, please provide the company name and website information below: