Friday, 24th May 2019
Logo

DDoS attacks on e-commerce providers ramp up over 70% on Black Friday, and by 109% on Cyber Monday

Data shows dramatic surge in DDoS incidents against e-commerce firms over critical online shopping days in November: Link11 warns of further attacks in approach to Christmas.

Link11, the cloud anti-DDoS protection, has released data showing DDoS attacks were at their highest levels in November on two of the busiest online trading days of the year. On Black Friday, Link11’s Security Operations Centre saw DDoS attacks on e-commerce providers increase by over 70% compared with other days in November. On Cyber Monday, attacks increased by 109% compared with the November average.

Several attacks observed during Black Friday and Cyber Monday were of up to 100 Gbps bandwidth, and the average attack volume on both days was just under 6Gbps. In Q3 2018, the average attack volume observed by Link11 was 4.6 Gbps. According to Link11, attack volumes approaching 6Gbps far exceed the capacity of most websites. As such, Link11 is warning online merchants, payment providers and logistics companies to anticipate further large-scale DDoS attacks in the run-up to the Christmas break.

Marc Wilczek, Managing Director of Link11 says: "The e-commerce industry has high expectations of the Christmas trading period, and both criminals and competitors will take this as an opportunity to cause disruption to or extort the e-commerce industry. The growing ‘cybercrime-as-a-service’ sector favours this development. Online retailers should take action now to strengthen their IT security defences against DDoS attacks, in advance."

E-commerce providers have two options to protect their websites and infrastructure against DDoS attacks. They can invest in expanding their infrastructure to absorb peak loads with their own resources: however, DDoS attackers are usually one step ahead of their victims in being able to deliver large-scale attacks to overwhelm services.

So as DDoS attackers find more ways to exploit vulnerabilities in online platforms due in part to the accessibility of DDoS for hire platforms, e-commerce providers are advised to deploy an adaptable cloud defence system to thwart DDoS attacks. Companies with online infrastructures that offer delivery and or payment processing services are particularly at risk from DDoS incidents in the run-up to the Christmas holiday.

Marc Wilczek adds: "Forward-looking companies will benefit from investing in scalable, cloud-based protection solutions in order to counteract targeted overloads caused by DDoS attacks. Information about website and server failures spreads quickly across social platforms as well as complaints about long loading times. All this can contribute to further revenue losses and long-term reputational damage".

Research by German industry association, Bitkomfound that cyber-attacks cost retailers an average of €185,000, comprising the costs of IT repair, loss of sales revenue and reputational damage to the business:

·€13,000 – Cost of IT repairs and troubleshooting

·€18,500 – Enlisting a team of specialist Internet provider to restore the business’s online operations

·€135,000 – Loss of sales over 48 hours

·€18,500 – The value of funding reputational damage limitation measures such as a public relations and marketing campaign

Tufin has introduced Tufin Orchestration Suite R19-1, advancing its leadership in network security a...
Fortinet has published the findings of its latest quarterly Global Threat Landscape Report. The rese...
61% of IT organizations have little to modest confidence to mitigate access security threats, despit...
Rubrik has appointed Rinki Sethi as Chief Information Security Officer. Sethi will be responsible fo...
Over 84% of organisations in Europe use or plan to use digitally transformative technologies, but on...
Bitglass has released findings from its latest report: Kings of the Monster Breaches. Bitglass resea...
Bitglass, the Next-Gen CASB, has announced the appointments of Jon Peppler as Vice President of Worl...
New data ranking the ‘cybermaturity’ of organisations reveals the most commonly targeted sectors are...