View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
November 23, 2017

Black Friday cyberattacks to break records as hackers enlist bots

Identity is central to this increasing problem, and it is available in abundance due to the massive data breaches that have rocked the world in 2017.

By Tom Ball

We are in the midst of a week predicted to be record breaking in terms of cyberattack volumes, with malicious activity set to spike aggressively on Black Friday and Cyber Monday.

A colossal 50 million attacks globally are expected to hit throughout the prime shopping period, meaning that potentially billions of pounds are hanging in the balance in the UK alone.

In the run up to what may prove to be the worst week of cyberattacks on record, it is also important to note that 171 million attacks have been logged in just the last quarter. This tremendous figure is a 100 per cent increase compared to the same time span in 2015.

Hackers are thought to be prepared for capitalising on the season of spending, with ThreatMetrix recognising an increase in bot activity in the run up to the booming retail period. Fear surrounding the potentially crippling power of bots has peaked recently upon the discovery of the Reaper botnet.

Black Friday cyberattacks to break records as hackers enlist botsIn the past 90 days, 450 million bot attacks have been recorded, with a focus found to be on automated attacks and identity testing.

The massive data breaches of 2017 have brought personal credentials to centre stage, masses of data is available to purchase and use, making the Black Friday even more appealing to fraudsters.

Vanita Pandey, vice president of product marketing and strategy at ThreatMetrix comments, “Cybercrime continues to grow, with organisations being attacked more than ever before, fueled in large part by the proliferation of data breaches that continue to provide fresh identity data to exploit. Fraudsters are acting with haste, before data breaches are disclosed publicly, to test stolen credentials with a view to perpetrate large-volume attacks on digital businesses.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

The value of identity data has now surpassed the value of card data, and the cybercrime statistics for EMEA are significantly more troubling than those in North America. In EMEA you are 63 per cent more likely to face an attack via a transaction.

“We predict that the top retailers will sustain heightened attacks from bot operators, looking to test personal accounts. Over the next week, we are expecting approximately 5 to 8 million daily identity testing attacks… By analyzing our most recent data, we can see that the scale of eCommerce attacks in the final quarter of 2017 is likely to surpass the entire attack number for all industries – including banking and media – during Q4 2016,” Pandey said.

Uber data breach scandal: A shocked tech industry reacts to the cover-up
Tether comes undone in $30m crytocurrency heist
AWS goes undercover with new secret datacentre for spies

Putting into perspective the ease with which identity data can be accessed by malicious actors, Tim Ayling, EMEA Director of Fraud and Risk Intelligence at RSA Security has outlined the paltry cost of personal information.

“With hundreds of thousands of UK card credentials available to buy on the dark web for less than £10, you can bet that cybercriminals and fraudsters will be on their own shopping spree. Major sales events like Black Friday have historically seen a huge number of compromised accounts being sold by hackers, used to make illegitimate purchases and siphon funds from virtual wallets. In the past, there has even been a dialing-down of proactive fraud detection on big shopping days like these. Merchants and card issuers were so insistent on allowing their transactions to flow through, they would often choose to allow more risky transactions to continue.”

Black Friday cyberattacks to break records as hackers enlist bots

While the scene may seem bleak, you are not powerless to improve your chances of keeping your information safe. Being mindful of where and how you submit your personal information is a solid start, while also improving passwords, ensuring that the goals of hackers are not made more achievable still.

“This is slowly changing and anecdotal evidence suggests that both maturity in fraud prevention tools, as well as the scale of the fraud problem, are allowing the financial institutions to become more stringent on these days. However, shoppers must remain vigilant. Fraudsters are opportunists by their very nature, and many will see Black Friday as a golden opportunity, hiding amongst the spike in legitimate purchases,” the EMEA Director of Fraud and Risk Intelligence at RSA Security said.

Topics in this article : , ,
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.