The few days after Thanksgiving in the U.S. are traditionally peak holiday shopping days for U.S. residents. They flood both physical and online stores to check off items on their holiday shopping lists, with hopes of scoring a few bargains. Almost everyone does some shopping online, according to the most recent Pre-Thanksgiving Holiday Retail Survey conducted by Deloitte consulting:
“85 percent of shoppers plan to shop in-store over the holiday weekend and 91 percent plan to cross off their lists online. Despite having so many online shoppers on Black Friday, Cyber Monday continues to be a peak shopping day online. Nearly three-quarters (72 percent) of respondents plan to shop online on Cyber Monday.”
With so many website visitors during that crucial retail shopping window, companies must brace for spikes in traffic, protect their network security and maintain website uptime. Perhaps the number one concern of IT security staff at retail stores is data breaches. That’s for good reason; the Identity Data Theft Resource Center reported that as of November 15, 2017 (since January 1, 2017) there have been 1,172 data breaches, resulting in 171,687,965 exposed records!
Of course companies must guard against cyber threats such as phishing scams, malware, ransomware and data infiltrations that harvest personal information such as credit card numbers and email addresses. But they should also be concerned with distributed denial of service (DDoS) attacks, because 1) volumetric DDoS attacks can affect website availability/service, and 2) low volume, short duration attacks often serve as a smokescreen for a security breach such as data theft, or installation of malware or ransomware. In a sub-saturating attack, hackers can take down the target’s assets while leaving Internet connectivity in place.