Cyber Monday is here to stay. What started as a phenomenon whereby North Americans were notably shopping online between Thanksgiving and in the run up to Christmas has now become the number one event on the commercial calendar for many retailers. In the UK, Cyber Monday is the busiest day of the year for online sales. What’s more, sales on Cyber Monday grow around 10% year on year.
For consumers, Cyber Monday is a perfect storm, a combination of reduced prices and a willingness to spend in the holiday season.
For retailers, it’s a massive opportunity.
So, good news all round? Bargains for consumers, a hike in revenue for online retailers? Sadly, that’s not the full picture. Even businesses with no involvement in Cyber Monday would do well to prepare a robust cyber defence for this time of year in particular.
For those in the cyber security industry, Cyber Monday can be a date fraught with tension for two key reasons.
Malware and Phishing
Hackers and scammers can be incredibly cunning. Each year, they use an increasingly complex and convincing arsenal of fake emails and websites to trick bargain hunters into handing over their personal information or opening malware laden attachments. These phishing attacks mimic the emails, websites and shipment tracking of well-known existing businesses to trick shoppers. Thanks to the frantic nature and scarcity of supply associated with Cyber Monday, consumers often let their guard down in an effort to snatch up the best deals.
You might think that as a business, this isn’t your problem. Maybe you represent an online retailer, or even a business that takes no part in Cyber Monday. You would be wrong.
Phishing affects everyone with an email address. In even the most cyber secure business, your employees are susceptible to phishing attacks. This risk is multiplied by order of magnitude if your employees are using work devices or email accounts for shopping.
So, picture this. Your organisation is not an online retailer, but thanks to Cyber Monday, one of your employees has opened an email containing an attachment from a hacker disguising themselves as a popular online store. The attachment contains malware which has now let itself loose on your network.
For online retailers participating in Cyber Monday, there is big risk involved. Having one day account for so much of their revenue for that period (some estimates put Cyber Monday as 20% of the revenue for the season) means that any website downtime could be incredibly damaging for revenue and brand alike. Hours or even minutes of outages could see thousands or even millions go down the drain as you spend the most lucrative day of the year on the phone to cyber security specialists.
Distributed Denial of Service (DDoS) is the kind of attack most commonly associated with this type of web outage, but more sophisticated methods of attack are being seen more and more. It’s possible that hackers already have a route into your network and are waiting for the most opportune moment to take out your website and send ransom demands.
What Can I Do?
So, Cyber Monday brings its share of threats to your online operations – internal, thanks to the heightened risk of phishing, and external, due to the increased damage potential of website downtime.
Cyber attacks are continuously on the rise and there are a multitude of protection technologies available. However, it is important that you have a comprehensive monitoring of your environment to detect when you’re being attacked, and to enable you to respond as quickly as possible.
The best way to insulate your business from cyber threats is Daisy’s comprehensive, 24/7/365 managed detection and response (MDR) service.
Our MDR service works by:
- Proactively searching for threats and signs of intruders
- Analysing massive amounts of log data from your system, using a mixture of human and artificial intelligence to search for signs a hacker or malware may be attempting to break into (or already inside) your network
- Triaging these alerts to assess the risk and scale of security events
- Remediation – our security operations centres in the UK and Australia respond to the incident and rectify the issue remotely
Our MDR solution spots threats as soon as is possible (detection) and nips them in the bud (response) before they are able to develop into an issue that could harm your business.
We know that Cyber Monday is a time for heightened awareness of the risks. Whether you’re involved in online retail or not, this period sees more cyber attacks and phishing emails than the rest of the year. Don’t risk a disaster, we can protect your business with our MDR solution.