Secure your Online Sales from Cybersecurity Threats during the Holiday Season

Online Holiday Shopping

The holiday shopping season is upon us. Typically, it begins around Black Friday, goes through Cyber Monday, and extends until the New Year. This year, online retailers are pushing the boundaries with “Black November” in the hopes of improving their online sales. Amazon even went further with its Amazon Prime Day event in October. With the uncertainty around in-store shopping due to COVID-19 and the risk of infection, many customers are choosing to make their purchases from the safety of their own homes. What should you expect? If your business includes e-commerce, look for more users and devices connecting to your sites to access applications than in past years.

The Good News…and the Bad

The good news for e-tailers is that overall sales are expected to grow this holiday season, which is critical as many businesses rely heavily on holiday shopping to meet their yearly revenue targets. Predictions for holiday spending vary, ranging from flat to +3.5 percent. However, one thing is clear. Online sales will take center stage. Results from an annual survey by the National Retail Federation (NRF) and Prosper Insights and Analytics indicate that the majority of consumers (60 percent) plan to make their purchases online this year. They’re not the only ones who anticipate growth in online shopping. The International Council of Shopping Centers (ICSC) is estimating a 25 percent increase in e-commerce sales, while Deloitte forecasts online sales to grow 25-35 percent during the holiday season compared to 2019, generating $182 billion-$196 billion.

So, what’s the bad news? Just as online sales are at the forefront, so is cybersecurity. Retailers aren’t the only ones looking to capitalize on the increase in online spending. The holiday shopping season offers hackers an opportunity to profit as well. We’ve already seen a huge uptick in cyber-threats due to COVID-19. Now, online holiday shopping provides cyber-criminals with additional motivation to launch their attacks. Let’s take a look at some of the top threats online retailers are up against.

The Consequences of Poor Cybersecurity

While these attacks occur year-round, they reach new heights during Black Friday, Cyber Monday, and December as more shopping goes virtual. As a result, cybersecurity takes on added importance. If your organization isn’t prepared to stop malware, DDoS attacks, and other threats, the consequences of a successful attack could be significant. Here’s what your organization could be facing.

Lost Revenue – Perhaps the biggest impact to any organization is revenue lost as a result of an inability to sell products or services online. Any downtime to a web server that prevents customers from making a purchase is damaging to online sales and can potentially have a severe impact, especially for smaller organizations.

Data Theft – The increase in online shopping during the holiday season is a lure for cybercriminals to launch attacks aimed at stealing corporate and customer data. Phishing emails claiming to have information on fake shopping receipts, shipping status, and customer surveys are very popular during the holidays.

Disruption of Services – DDoS attacks can target services that we deem essential. So can ransomware. E-commerce sites, public utilities, and schools are just a few examples of their victims. Shutting down access to a service, even for a short period time, can have major financial and social impacts.

Damaged Reputation – Damage can extend beyond short-term financial losses and data theft. Consumer confidence and brand reputation can quickly erode when consumers have a poor online experience. Customers aren’t shy about using social media to express their displeasure.

Reduced Productivity – It’s not just customers who feel the impact of a successful attack. If your employees can’t access the applications they need to do their jobs, expect to see a drop in productivity with an accompanying rise in undesirable workarounds.

Steps to Take for the Holidays and Beyond

Cybersecurity isn’t just something to think about during the holidays. It’s an everyday concern. Fortunately, there are some things you can do to keep your applications, your network, and your organization safe from threats, especially during times when online shopping spikes.

First, look for a solution that provides DDoS detection and mitigation to ensure your services are continually available to legitimate users. Hackers have learned how to weaponize IoT devices to launch complex multi-vector and volumetric attacks capable of bringing down application servers and entire networks. Second, protect your web-based applications with web application firewall (WAF) technology. Outdated applications are especially vulnerable to attacks. A WAF will secure them from hackers looking to exploit HTTP and web application-based flaws. Third, find solutions that meet your current and future platform needs. You may not have made the transition to the cloud yet, but chances are you have some cloud-based apps, so be sure your solution is ready when you are, whether it’s to a hybrid cloud or multi-cloud infrastructure. And finally, continue to educate your employees on the need for good cyber hygiene. According to a 2019 IBM study, 95 percent of cybersecurity breaches are caused by human error.

If you’re looking for assistance with application availability and protection from cyber threats such as DDoS attacks, application vulnerabilities, and malware, A10 Networks can help. Our Thunder® Application Delivery Controller (ADC) provides high-performance advanced load balancing that can be extended on a global basis to ensure your applications are always available worldwide. Our Polynimbus secure application services approach will help you gain greater visibility across your hybrid cloud or multi-cloud deployment. Thunder ADC incorporates application security with ICSA-certified WAF and DDoS protection as well as DNS server protection with DNS application firewall (DAF). Tight integration with A10 Harmony® Controller provides central management and analytics, with a drill-down map by country that gives you an at-a-glance view of attack information when you’re busy. No matter where you are in your journey to the cloud, A10 Networks has a Thunder ADC solution to meet your needs with hardware, virtual, bare metal, and container platforms.

For the highest performance in DDoS detection, mitigation, and cloud protection, A10 Thunder Threat Protection System (TPS) delivers industry-leading precision, intelligent automation, and scalability that’s powered by machine learning. Thunder TPS takes a proactive approach by leveraging reputation data from over three dozen security intelligence sources to instantly assess and block traffic from millions of known bad actors.

The holidays are here and that means more online shopping. If your organization engages in e-commerce, expect to see a spike in your web traffic from eager customers. Remember that securing your applications, servers, and networks from cyberthreats is essential, not just during the holidays but all throughout the year.

Categories:

Scott Grebe
|
November 24, 2020

About Scott Grebe

Scott Grebe is a senior product marketing manager for application delivery controller (ADC) solutions at A10 Networks. He has over 20 years of product marketing and product management experience working for high tech companies including Sophos, SonicWall, Apple, and SGI. READ MORE