This year’s Black Friday and Cyber Monday sales look to be the busiest ever, with the cost-of-living crisis driving brits to seek bargain deals in the approach to Christmas. In fact, the number of brits predicted to shop the sales is 6% higher than last year, rising to 39%. After a tough couple of years for retailers this will delight most in the sector, however it should be putting cyber teams on high alert. With potentially more website traffic than ever before, cyberattacks will rise dramatically, and any vulnerability will be exposed to great cost and disruption. Unfortunately, this will put smaller retailers, without the luxury of a large cybersecurity budget, more at risk of breaches.
What must cyber teams and consumers be on the lookout for? Phishing attacks are used to gain access to identity and banking data, by using phony emails and URLs to deceive customers. Malware, which encompasses viruses, spyware, trojans and more, is utilised by criminals to infect consumer devices to do their fraudulent bidding. After gaining access to a network of devices, hackers could launch a Distributed Denial of Service (DDoS) attack to crash a retailer’s website and demand a ransom to remove the blockage. With the peak in digital transactions, E-skimming is now a growing risk, with scammers looking to infiltrate the checkout pages of online shops, stealing payment card details to defraud their victims.
It is therefore vital that cyber teams identify and deal with these threats if retailers are to function when web traffic is at its highest, such as with global events like Black Friday. The key to achieving this lies in a mature operational resiliency posture, making use of strategies supported by hybrid cloud. Utilising scalable, hybrid cloud-based infrastructure will enable retailers to adjust their level of IT resources based on demand, without compromising on performance. With a recession looming, many IT leaders will be asked by their companies to do more with less. Hybrid cloud technology offers a cost-effective solution to legacy systems, allowing for flexibility and elasticity, whilst assuring best-in-class stability with automatic load-balancing. Businesses must also be mindful that providing adequate cyber training for their employees is still an imperative, as part of a robust cyber strategy to successfully navigate surges in cyber risk.