Historic Black Friday, Cyber Monday Threat Data Prepares Businesses, Shoppers for Holiday Cyberattacks


It’s officially Thanksgiving week in the U.S. In addition to gathering with family and friends for the traditional turkey meal, many of us get excited about the holiday shopping season, which kicks off with Black Friday, goes virtual on Cyber Monday and extends through New Year’s Day.

If you’re looking to get a great deal on just about anything, this is the best time of the year to make that purchase. Everyone knows this, including cyber criminals. And that’s a problem for many organizations.

Perhaps as ominous foreshadowing, Amazon announced that a “technical error” exposed customer names and email addresses — days before Black Friday and Cyber Monday even got started.

Employees Will Make Personal Online Purchases on Corporate Time, Machines

Online shopping is a popular activity, both at home and in the office. It’s even more prevalent during the holiday shopping season. In a recent survey from Robert Half Technology, almost 65 percent of respondents said they will spend at least some of their work time making holiday purchases online.

While no one wants to be a Scrooge during the holidays, every organization needs to have safeguards in place to protect against the inevitable increase in the number of cyberattacks that are coming.

2017 Holiday Cyberattacks Paint Picture for 2018 Shopping Season

To help organizations, retailers, and small- and medium-sized businesses (SMB) prepare, the SonicWall Capture Labs threat research team analyzed cyber threat data from the second half of 2017. Unsurprisingly, there was an enormous spike in the number of malware attacks last year on Cyber Monday, the biggest online shopping day of the year. Here are some of the official data points from 2017:

  • Cybercriminals launched more than 113 million malware attacks on Cyber Monday last year, a 4.4x increase over the yearly average
  • Malware attacks jumped 27 percent on Black Friday
  • Ransomware attacks spiked 127 percent on Cyber Monday

So, what does this mean for 2018? Expect your organization to see more of the same. But there are proven methods to stop the surge in holiday cyberattacks.

6 Security Layers Organizations Can Use to Mitigate Holiday Cyberattacks

We know employees will be spending time online at work surfing for deals and customers will make purchases at point-of-sale (POS) terminals, so there is some inevitable risk. And while the data does show a worrisome trend, there are things you can do to protect your network, endpoints and data from cyberattacks during the holiday shopping season.

The key is to have a layered, defense-in-depth approach, something SonicWall can help with through our automated real-time breach detection and prevention platform. From the outside in, here are the six layers we recommend:

  1. Next-Generation Firewall – The first line of defense, a next-generation firewall (NGFW) should have high security efficacy and use machine learning to identify and block malware, ransomware and other attacks at the gateway.
  2. Deep Packet Inspection of TLS/SSL-encrypted Traffic – The use of encryption to hide cyberattacks continues to grow at a fast pace, so it’s essential any NGFW is able to scan encrypted traffic for threats.
  3. Email Security – Email is a common threat vector for delivering attacks, often through attachments, making it critical that any solution be able to scan inbound and outbound email for phishing attacks and infected attachments.
  4. Multi-engine Sandboxing – While one engine is good, several is better when it comes to identifying and blocking never-before-seen cyberattacks. SonicWall Capture ATP is a multi-engine sandbox that features block-until-verdict safeguards.
  5. Real-Time Deep Memory Inspection – SonicWall’s patent-pending RTDMITM technology, included with Capture ATP, identifies and stops difficult-to-find threats hidden in memory where malware’s weaponry is exposed for less than 100 nanoseconds.
  6. Capture Client – Endpoint devices used beyond the firewall perimeter are more susceptible to attacks. Capture Client provides multiple advanced endpoint protection capabilities in addition to the ability to roll back to a previous point before malware entered or was activated on the device.

Next week, SonicWall Capture Labs threat researchers will publish their analysis on three key shopping dates in 2018: Black Friday, Small Business Saturday and Cyber Monday.

Until then, explore the Capture Security Center, which provides a graphical view of the worldwide attacks over the last 24 hours, countries being attacked and geographic attack origins, and monthly trends by attack type.

SonicWall Staff