Black Friday and Cyber Monday risks.
Nov 21, 2022

Cybercriminals always take advantage of the holiday season to launch scams and other attacks, and shopping scams began ramping up last month.

Seasonal fraud has already begun, and it will reach a peak this coming Friday.

Seasonal scams.

Bitdefender says 56% of all Black Friday-related spam emails between October 26th and November 9th were marked as scams. The researchers have observed emails offering free iPhones, $500 gift cards for Home Depot, and huge discounts on Louis Vuitton bags and Ray Bans.

Avanan warns of a large increase in scams themed around “shipping notifications, special offers, refund notices.” Researchers at Armorblox offer real-life examples of these types of scams.

“Why do we still fall for phishing attacks after all those security training and awareness sessions?” Armorblox asks. “Because these attacks target your brain more than they do any security system. Security training teaches end users to allocate attention prior to each action, with methodical intention (System 2 thinking), where each step is considered and taken with caution prior to continuing. However, when doing the same action that we have done 100 times over, we tend to go through the motions without much thought, operating quickly and taking automatic actions based on past behaviors (System 1 thinking). When end users are going through their busy days and full inboxes, they are doing so with System 1 thinking. This is why end users are more likely to fall for phishing attacks in real life when you remove the training guardrails, where meticulous attention prior to every action is not demanded.”

Ransomware warnings.

Cybereason warns of the potential for ransomware attacks over the long holiday weekend. The researchers surveyed 1,200 cybersecurity professionals, finding that 88% of respondents had missed a holiday or weekend event due to a ransomware attack:

“When organizations operate with fewer cybersecurity resources during off-peak business hours, ransomware attacks take longer to assess and remediate. One-third (34%) of respondents whose organizations had been hit on a weekend or holiday said it took them longer to assemble their incident response team. A little more than one-third (37%) said it took them longer to assess the scope of the attack, and 36% said it took them longer to stop and recover from the attack. 

“The numbers were higher in the U.S., where 44% of respondents said it took them longer to assess and respond to a weekend/holiday ransomware attack. This marked a 19% increase over U.S. results from last year’s survey.”

Retailers get the importance of security, but times can be tough and mistakes can be made.

Added, 10:30 PM, November 22nd, 2022.

Surya Varanasi, CTO at StorCentric, notes that, “While retailers are well aware of the importance of uptime and data security, many continue to struggle, particularly during high-stakes shopping periods. However, with inflation hitting its highest level since 1982, and a recession looming, retailers must ensure they are in an ideal position to meet customer demand, service expectations and capitalize on a time when consumers may be open to loosening their purse strings.” There are certain crucial practices they should remind themselves of and resolve to follow:

"This is a time when data backup and data security best practices are critical. Today, many backup and security processes have become highly automated. But, as ransomware and other malware attacks continue to increase in severity and sophistication, it is clear that proper cyber hygiene must include protecting backed up data by making it immutable and by eliminating any way that data can be deleted or corrupted. 

"An Unbreakable Backup does exactly that by creating an immutable, object-locked format, and then takes it a step further by storing the admin keys in another location entirely for added protection. Additional best practices should include deploying a solution that includes policy-driven data integrity checks that can scrub the data for faults, and auto-heals without any user intervention. In addition, high availability is best ensured with dual controllers and RAID-based protection that can provide uninterrupted data access in the event of a cyber attack from any internal or external bad actors, as well as a simple component failure. In this manner, recovery of data will also be faster because RAID-protected disk arrays are able to read faster than they can write. With an Unbreakable Backup solution that encompasses these capabilities, retailers can ease their worry about their ability to recover — and redirect their time and attention to activities that more directly impact maximizing opportunities at this time of year, and all year long.” 

Security and availability are complementary, mutually reinforcing commercial imperatives.

Added, 10:30 PM, November 22nd, 2022.

Brian Dunagan, Vice President of Engineering at Retrospect, noted ways in which availability and security need to be mutually reinforcing:

“The cost of downtime can be staggering, especially at this time of year, and the impact on a retailer’s business reaches far beyond the immediate loss in sales. While malicious or even careless employee actions can also present downtime and data loss risks, external bad actors--ransomware and other malware--are the most common threats. Retail IT professionals are most concerned about their ability to recover from a successful ransomware attack.

"My advice to them is this. It is a given that you must deploy data security and high availability (HA) solutions. A simple 3-2-1 backup strategy is also essential (i.e., always have at least three copies of data; two onsite on different media, and one in an offsite location). However, as a successful cyberattack is likely just around the corner, you must be able to detect ransomware as early as possible to stop the threat and ensure your ability to remediate and recover. A backup solution that includes anomaly detection to identify changes in an environment that warrants the attention of IT is a must. Administrators must be able to tailor anomaly detection to their business’s specific systems and workflows, with capabilities such as customizable filtering and thresholds for each of their backup policies. And, those anomalies must be immediately reported to management, as well as aggregated for future ML/analyzing purposes.

"Despite the increasing threat of cyberattacks and data breaches, retailers can prevail by staying vigilant and proactively enacting processes and deploying today’s innovative technology solutions; and in doing so, not only protect themselves but also their customers.” 

Check legacy security tools for their continued applicability.

Added, 10:30 PM, November 22nd, 2022.

Don Boxley, CEO and Co-Founder of DH2i, observed that some old, familiar security tools may no longer be up to the job:

“As the retail world continues to experience dramatic transformation – some of it temporary, some of which will likely endure – it demands a data access and security solution that can support the way it works today, and tomorrow. Like many technologies that preceded them, VPNs were at one time truly cutting-edge unrivaled technology. However, over time as the world’s IT and business climate has progressed, VPNs have remained almost completely unchanged. Consequently, VPNs are now not only unable to keep hackers at bay, but they may also actually make their jobs easier for them.

"As we head into what is arguably one of the busiest and most important seasons of the year for retailers, maintaining data access and security is paramount. What is virtually impossible to accomplish with VPNs can now however be achieved with the more modern, innovative and real-world proven software defined perimeter (SDP). 

"SDP enables organizations to build a secure software-defined perimeter and use Zero Trust Network Access (ZTNA) tunnels to seamlessly connect all applications, servers, IoT devices, and users behind any symmetric network address translation (NAT) to any full cone NAT: without having to reconfigure networks or set up complicated and problematic VPNs. By leveraging SDP this holiday shopping season, organizations can ensure safe, fast and easy network and data access; while slamming the door on any potential cybercriminals or Grinch.”

Actionable steps businesses can take for better security during the holidays.

Added, 11:00 PM, November 21st, 2022.

Mike Rogers, presently an IronNet Cybersecurity board member and formerly Chairman of the U.S. House Intelligence Committee, advises businesses to be especially vigilant for social engineering attacks during the holiday season. “Hackers enjoy the holidays as much as we do, hurting us while we are distracted from cybersecurity defense systems and protocols,” Rogers said in written comments. “It makes it that much more important to raise your cyber guard starting this week. Hackers and scammers hope that you’ll be so focused on celebrating the season, that they can easily use techniques that will let them into Americans’ networks. The holidays are just as important of a time to apply best cyber hygiene practices.”

He offered a few actionable tips businesses and their employees might consider to their benefit:

  • "Companies should use the downtime during the holidays to update critical systems, push software patches that close vulnerabilities, and ensure its cyber security protections are as robust as possible for the New Year." 
  • "Employees should also be particularly wary of suspicious emails that are made to look like company emails." 
  • "Employees should keep an eye on work emails that don’t seem quite right. Messages about end-of-the-year bonuses, staffing changes, or even holiday parties could be the way a hacker gets into your networks. If something seems off, trust your gut and report it to the Cybersecurity & Infrastructure Security Agency." 

Added, 9:00 PM, November 22nd, 2022.

Richard Copeland, CEO of Leaseweb USA, notes the way market pressure can affect security, and urges retailers to plan ahead:

“Even with inflation and ongoing supply chain issues on everyone’s mind, consumers are still planning to spend and engage in e-commerce this holiday season. However, surges in online traffic are no longer limited to the traditional days that follow Thanksgiving. Consumers are starting to shop earlier due to possible inventory shortages and many are comparing prices online in order to find the best deals before they buy.

"This trend requires online retailers to plan ahead and ensure their infrastructure is ready to support extended and possibly unpredictable periods of higher traffic throughout the busy season. They need to deliver a seamless digital experience that holiday shoppers expect. Merchants can achieve this by doubling down on the basics of maintaining fast load times, preventing costly website downtime and keeping customer information safe and secure.”