‘Tis the season!  Winter holidays are upon us, and with it brings the yearly high-volume online shopping season we all know as Black Friday/Cyber Monday (BFCM). With the total US consumer spending estimated at over $717 billion in the 2018 BFCM season, retailers know that the next few weeks are a critical time for their infrastructure.

Unfortunately, so do ransomware attackers.

DevOps Connect:DevSecOps @ RSAC 2022

What will attackers be looking at?

The business of ransomware is profit-driven one. Black Friday/Cyber Monday is arguably one of the worst times for a retailer’s digital infrastructures to go down, and ransomware authors have started to focus their efforts on these retailers who know that even 60 seconds of downtime could mean a huge loss of sales.

Knowing this, attackers work to get on your network and find the most critical business systems, find where they are vulnerable and get the most leverage they can before attempting to extort you. They want you to see the option of paying for the decryption keys as your only way out.

While trends in other malware attacks generally saw a 30-40% dip in incidents in the 2018 BFCM season, ransomware attacks saw an average increase of 500%, with the number of attacks on Black Friday reaching a staggering 28x increase from the year before.

How would a ransomware attack affect a retail company if it was hit during the BFCM season?

The most obvious way would be the loss of ability to operate and make sales. With thousands of customers looking to do their holiday shopping and take advantage of deals, consumers visiting the impacted sites may see an increase in error messages and difficulties, which eventually lead to higher shopping cart abandonment rates as they look for a different retailer to shop from.

Ransomware attacks can also lead to (Read more...)