BLOG: How Black Friday Impacts Businesses

With Black Friday around the corner, it is important consumers and businesses stay vigilant to the potential risks and take the necessary steps to mitigate the risk of data breaches. The retail industry is one of the most targeted sectors for cyber-attacks in 2021. Threat actors utilise this time of year to target unsuspecting consumers and businesses, last year it was reported that online consumers were duped and swindled of £2.5m and Action Fraud (the national reporting centre for fraud and cybercrime), said that the occurrence went up by 61% from 2019.

The risk is has caused Britain’s National Cyber Security Centre (NCSC) to alert small business owners to ensure they have Magento installations up to date and have enabled multi-factor authentication on staff account to make sure it’s fully patched ahead of Black Friday.

Cybercriminals are exploiting these threat vectors to steal money and sensitive data. Retailers must take the essential steps to ensure they mitigate the risk of a data breach resulting in financial, operational, and reputational damage. Threat actors can target retailers’ websites and lead shoppers to their malicious website clones to steal their personal or payment information.

Threat actors can create and distribute malicious links and code where shoppers click, or threat actors may create counterfeit websites and social media profiles. Social media and business email are popular ways to attack. By compromising employee accounts, cybercriminals can greatly increase their impact. Phishing is a popular tactic used, employees are contacted by threat actors posing as a legitimate person or organisation. The fraudulent company or individual will lure employees into providing sensitive data.

Throughout 2021 it was found that ransomware is one of the most prevalent methods that threat actors are using to target businesses. A 2021 survey conducted by cybersecurity professionals found that 44% of all retail businesses were hit by a ransomware attack. Ransomware is a major type of attack retailers face, especially around key times of the year like Black Friday and the lead up to Christmas. Threat actors are actively targeting UK retailers with double-extortion ransomware attacks and will continue to do so as long as they remain a successful (and lucrative) attack method.

Point-of-sale (POS) cyber-attacks are a popular type of cyber-attack in the retail industry. POS attacks take place when malicious malware is installed on systems used to take payment so that the credit card details are stolen when it is used. Point-of-sale cyber-attacks are common and even US retail giants Target, Neiman Marcus and Michaels Stores have fallen victim to malware on POS systems which as a result had an overwhelming impact on sales and consumer confidence in the safety of credit-card information at retail POS terminals

Retailers are also at a large risk of insider threats from employees. Insider threats are often conducted by disgruntled current or ex-employees. Ponemon Institute conducted a survey that found over half of respondents admitted to taking information from a previous employer and 40% of those intended to use it in a new job. These types of attacks are often less technical and are usually able to take place when access has not been revoked or when a device containing sensitive information has been stolen and published online.

Threat actors will exploit any vulnerabilities displayed on their targets website. These vulnerabilities can include outdated software in the architecture and more, these vulnerabilities present opportunities for threat actors to gain access to a business’s website and relevant systems to cause a disastrous data breach. Supply chain attacks are another threat vector that threat actors exploit. Most businesses rely on a vast supply chain network to keep business and stock moving, but the increased use of digital communications and cloud computing has made the supply chain has become a common attack surface.