Blog

No items found.

Holiday hacking: Cyber-attacks on Cyber Monday

Holiday hacking: Cyber-attacks on Cyber MondayDefault blog imageDefault blog image
18
Nov 2016
18
Nov 2016

Every year, on the first Monday after Thanksgiving, two things happen. First, online retailers slash prices and the internet goes on its annual shopping spree. And second, criminals swarm on unwitting businesses, launching large-scale hacks and clever scams.

Digital sales reach up to $3.19 billion on Cyber Monday. Amazon alone generated 36 percent of all online sales last Cyber Monday, accounting for an estimated $1 billion. With so much money changing hands over the internet, the ramifications of a cyber-attack would be huge.

What happens if a DDoS attack hits Amazon’s service provider? The website goes down. Digital sales grind to a halt. And millions in revenue go down the drain as they watch their most lucrative day of the year pass them by.

On Cyber Monday 2014, a DNS provider was hit with a fairly rudimentary DDoS attack. While it lacked the large-scale impact of today’s Mirai botnets, their clients lost vital business. In another holiday attack, criminals hacked Target and stole sensitive data from 70 million customers.

Disruption and data-theft have become tried-and-true tactics for criminals on Cyber Monday. And with Mirai botnets capable of launching massive DDoS attacks, these could become even more devastating, reminiscent of the Dyn attack but with more far-reaching monetary consequences.

However, in their current form, DDoS attacks are still relatively simple. They work by exploiting a fundamental flaw in the Internet. But what if this Cyber Monday, a highly targeted and sophisticated DDoS attack took an organization hostage? By overwhelming a company — or a series of companies — with junk traffic, an attacker could demand a large sum to stop the attack. Whether to manipulate the market or for financial gain, all signs point toward increasingly advanced DDoS attacks.

The implications for this Cyber Monday are clear — businesses need to be prepared. From DDoS to ransomware, every organization can expect to be hit. Companies should bolster their cyber defense well before the holidays, because in security, as in life, you should expect the best, but prepare for the worst.

To learn more about the types of attack you could face, check out my thoughts on DDoS and the IoT.

Like this and want more?

Receive the latest blog in your inbox
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
INSIDE THE SOC
Darktrace cyber analysts are world-class experts in threat intelligence, threat hunting and incident response, and provide 24/7 SOC support to thousands of Darktrace customers around the globe. Inside the SOC is exclusively authored by these experts, providing analysis of cyber incidents and threat trends, based on real-world experience in the field.
AUTHOR
ABOUT ThE AUTHOR
Justin Fier
VP, Tactical Risk and Response

Justin is one of the US’s leading cyber intelligence experts, and holds the position of VP, Tactical Risk and Response at Darktrace. His insights on cyber security and artificial intelligence have been widely reported in leading media outlets, including the Wall Street Journal, CNN, The Washington Post, and VICELAND. With over 10 years’ experience in cyber defense, Justin has supported various elements in the US intelligence community, holding mission-critical security roles with Lockheed Martin, Northrop Grumman Mission Systems and Abraxas. Justin is also a highly-skilled technical specialist, and works with Darktrace’s strategic global customers on threat analysis, defensive cyber operations, protecting IoT, and machine learning.

USE CASES
No items found.
PRODUCT SPOTLIGHT
No items found.
COre coverage
No items found.
This Article
Holiday hacking: Cyber-attacks on Cyber Monday
Share
Twitter logoLinkedIn logo

Related Articles

No items found.

Good news for your business.
Bad news for the bad guys.

Start your free trial

Start your free trial

Flexible delivery
You can either install it virtually or with hardware.
Fast install
Just 1 hour to set up – and even less for an email security trial.
Choose your journey
Try out Self-Learning AI wherever you most need it — including cloud, network or email.
No commitment
Full access to the Darktrace Threat Visualizer and three bespoke Threat Reports, with no obligation to purchase.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Get a demo

Flexible delivery
You can either install it virtually or with hardware.
Fast install
Just 1 hour to set up – and even less for an email security trial.
Choose your journey
Try out Self-Learning AI wherever you most need it — including cloud, network or email.
No commitment
Full access to the Darktrace Threat Visualizer and three bespoke Threat Reports, with no obligation to purchase.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.