In terms of growth, the unofficial retail holiday Cyber Monday is starting to dwarf its physical retail cousin Black Friday.
Comscore recently predicted that “Cyber Monday will be the heaviest online spending day in history and approach $2 billion in spending with a 20%+ year-over-year growth rate.”
For companies operating in the online retail space, this is cause for celebration. But where there’s room for a sales boom, there’s also room for theft and mayhem.
We reached out to Rafal Los, a security strategist and strategic adviser with more than a decade and a half of enterprise and consulting experience. He is active in the security community and is a well-known speaker and blogger. In fact, we liked his blog so much we picked it as one of our Must-Read IT Blogs two years in a row.
Here are Los’ thoughts on the Cyber Monday precautions companies need to take before the digital sales waves come crashing on their shores.
LOS: I believe there are three main threats that aren't necessarily new for this year: watering hole attack, DDoS and data extraction/corruption. Attackers can compromise weak online sites because they know thousands or millions of people will go there, so they insert code which will drop a Trojan or other malware.
The e-commerce site then is complicit in distributing malware and helping attackers attack its customers, usually completely unaware. The DDoS is the standby attack, which isn't really used much against retailers unless there are other motives involved. The third attack is the oldest and still the one we read about in the news the most.
An attacker exploits weak and vulnerable software and extracts credit card information, customer information or other sensitive data from an e-commerce system or otherwise can corrupt data to cause an outage or issues.
LOS: There are always new hacking techniques, but unfortunately, the biggest threat continues to be insecure software. No matter how you look at it, it's vulnerable software, websites and apps that continue to be the source of breaches.
LOS: High-traffic situations definitely pose an interesting issue due to the volume of data. Ideally, in a well-run security operations center, the volume of good traffic shouldn't matter, and bad traffic is easily identified because it falls outside the behavioral baselines set up ahead of time.
The problem, of course, is that finding an organization that has both a mature SOC (security operations center) and useful baselines of their IT systems is like finding the jackalope. The other ugly reality is that in high-pressure situations (like Cyber Monday, for example), security teams are often told to get out of the way of doing business and processing transactions, so that adds yet another layer of complexity and ties the SOC’s hands.
LOS: Quite simply: year-round awareness. Leaving security to the last minute or for a time when you “really need it” is futile, as it needs to be 24/7/365. Otherwise, customers and users will forget or fall prey.