Black Friday Beware

The colloquialism ‘Black Friday’ has shifted meanings frequently since the early 1960s. In that time, however, one thing has remained constant: Black Friday is the busiest shopping day of the year. Crowds of people gather at retailers fighting for the best deals. Chaos often ensues and sometimes, unfortunately, injuries or deaths are reported as a result. Pandemonium and great product deals are not the only guarantees as the nation prepares for Black Friday. According to a joint warning from the Cybersecurity & Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI), threat actors are preparing to cash in on the increased intensity associated with holiday shopping by defrauding retailers and shoppers out of millions.

Black Friday Dangers

Black Friday is the unofficial start of holiday shopping and an optimal time for threat actors and the bots they employ to ramp up their attacks. Data from the National Retail Federation indicates an 8.8% year-on-year increase in online shopping on Black Friday alone and a 44% increase over the entire Thanksgiving weekend. With more shoppers opting to buy their gifts online, the risks associated with shopping also increase.

Given the ease of shopping online, more opportunities exist for threat actors to engage in their preferred methods of attack, including ransomware and other forms of malware. Ransomware has long been a Black Friday concern. According to ZDNet, a technology-focused news outlet, ransomware attacks are up around 500% since last Thanksgiving. Furthermore, the estimated total of malware attacks over the Thanksgiving weekend increased some 63%, per a security threat research organization. It follows that there will be increased ransomware and malware attempts against retailers and online shoppers on Black Friday.

FBI and CISA Warn of Holiday Attacks

In what is becoming a new holiday tradition, CISA and the FBI issued a joint statement reminding shoppers and retailers to remain extra vigilant, as 2021 has included several attacks timed around national holidays. On Mother’s Day weekend, there was a DarkSide ransomware attack against Colonial Pipeline; one day after Memorial Day, the world’s largest beef supplier, JBS, paid a large ransom to Russian actors REvil; and over Independence Day weekend, REvil attacked Kaseya, a large IT firm, impacting internal services and those of many managed service providers (MSPs). Given this pattern, it is highly likely that threat actors will target whomever they can this Thanksgiving weekend.

Black Friday Safety Tips

The rise in cyberattacks over major holidays coincides with increased consumer activity and lessened security as many IT workers enjoy time off. Given this reality, it is imperative that organizations offer 24/7 security monitoring, like that provided by SpearTip, to neutralize threat actors before they devastate businesses and their customers. The FBI and CISA shared additional ways to protect valuable data, including financial information. The government recommends connecting only to secured Wi-Fi networks, using strong passwords and multi-factor authentication (MFA) for personal accounts, visiting only trusted online sites, avoiding clicking on suspicious links, and ensuring that use of remote desktop protocol (RDP) is secured and monitored.

In this time of increased cyber danger, it is crucial to remain vigilant against the most common tactics, techniques, and procedures (TTPs) used by threat actors. Phishing scams are the most successful, as threat actors attempt to encourage users to share sensitive personal information or donate funds to fraudulent organizations. Deceitful websites imitate reputable organizations and, in turn, capitalize on the consumer desire for extraordinary sales opportunities and the urgency to purchase gifts. Threat actors also prey on shoppers engaging in unencrypted financial transactions that expose sensitive information including credit or debit card numbers, customer names and addresses, and bank account numbers.

The SpearTip Difference

With the holiday shopping season underway and the busiest days just around the corner, it is important for all businesses and consumers to remain vigilant against the threats associated with Black Friday. The best protection against threat actors who stop at nothing to steal valuable information and use malware to hold company data for ransom is an equally tenacious partner. The certified engineers at SpearTip work 24/7/365, including weekends and holidays, from our global network of Security Operations Centers, monitoring partner systems to protect against attacks. SpearTip’s ShadowSpear Platform, an unparalleled resource in cyber security, identifies, neutralizes, and counters the moves of threat actors before they become devastating attacks. Because cyber criminals do not rest over the holidays, neither do the cyber counterintelligence experts at SpearTip.

If your company is experiencing a breach, call our Security Operations Centers at 833.997.7327 to speak directly with an engineer.