Black Friday is one of the most anticipated shopping days of the year. Shoppers are up at the crack of dawn to hit their favorite stores. Some will go as far as to camp out at the stores offering the hottest deals while others will avoid the malls altogether by finding the best sales online. Nearly 100 million Americans are expected to take advantage of Black Friday discounts this year. However, these shoppers aren’t the only ones who have been waiting for Black Friday; cybercriminals are just as excited for this big shopping day. Securing your website for the holiday season is one of the best things you can do for your business and your customers.
Consumers spend a lot of money on Black Friday, and cybercriminals know this. Hackers use this opportunity to plan and execute attacks on retailers. These criminals likely prepare for attacks weeks in advance. For example, while the Target breach resulted in stolen payment card data beginning on Black Friday, the actual attack occurred a month earlier.
According to recent studies, 58% of retailers are less secure than they were a year ago. In 2014, attackers primarily used command-injection attacks, such as SQL injection during the holiday season. SQL injection is a code injection technique used to attack web applications, in which malicious SQL statements are inserted into an entry field for execution.
While SQL injection was popular last season, two weeks before Black Friday, attackers switched to password guessing, which ended up accounting for half of all attacks. Leave it to cybercriminals to keep us all guessing.
As fun as Black Friday is for shoppers, it can be a chaotic time for retailers. Many of your customers use your website to shop online. They likely have an account with you and have their personal information stored for fast and easy checkout. To avoid password guessing, make sure you are requiring strong passwords. A strong password consists of at least six characters, with a combination of letters, numbers and symbols. It’s recommended that these passwords contain letters in both upper and lowercase. They should be hard to guess but easy for the customer to remember.
To protect against vulnerabilities such as SQL injection, consider using a web application firewall (WAF). It’s important to use a web application firewall that offers zero-down time in the wake of an attack, ensuring that you can presume normal business operations. It’s time to gear up and get ready for Black Friday. If you take the time to take care of your website’s security, you’ll be able to focus your attention on your customers and your sales during one of the busiest shopping days of the year.
Contact SiteLock today and set up