More consumers are turning their attentions away from the Black Friday hysteria in stores towards online shopping during the first weekend of the holiday shopping season – from Thanksgiving to Cyber Monday. Last year, more than 103 million people said they shopped online at some point over what is now being called Cyber Weekend. And retailers are responding, offering online discounts and promotions to pull in more consumers.
As both retailers and shoppers congregate online and find themselves distracted by holiday weekend sales, cybercriminals are lurking in the fringes waiting for the perfect opportunity to strike. Cybercriminals often use busy times to their advantage, counting on consumers and businesses to be distracted. Take the biggest retail hack in U.S. history as an example. In the days leading up to Thanksgiving 2013, cybercriminals installed malware in Target’s security and payments system, ultimately gaining access to the credit cards of 40 million Target customers.
The risks are just as real today and cybercriminals have their newest – and most effective – tool at their disposal: malware. Malware can halt business operations which, during a busy holiday shopping weekend, can have catastrophic consequences for both reputation and bottom line. Here we offer four “must-do” security tips to keep malware out of your systems during Cyber Weekend.
Educate Your Weakest Link
Cybercriminals utilize a number of sneaky methods for getting malware onto the network. One of the most common methods is a phishing attack, which is used to fool employees into handing over sensitive information or clicking on a malicious file by impersonating a reputable entity or person over email, instant message (IM) or other communication channel.
So what’s the best way to prevent this? Get your employees involved. Offer mandatory security awareness training and make employees stakeholders in protecting the business. Teach employees about common attack methods and empower them to make decisions around security. Create an environment where security is discussed openly and is the shared responsibility of all employees to greatly decrease the chances that a cybercriminal will succeed. And then provide those employees some back up. Use an automated anti-malware solution to help prevent users from clinking on links that take them to malicious sites.
Understand the Importance of Backups
The availability of business information is essential, particularly during a busy holiday weekend. Temporarily losing access to data or important systems can cause costly business disruptions. If you are the victim of a ransomware attack and the cybercriminal takes control of your data and won’t return it until you pay up, having a backup can be a lifesaver.
It’s important to perform backups of both local data and anything stored in the cloud. These should be performed on a regular basis – ideally daily. Then, instead of paying up, you can simply restore your data from backup and keep business going through the holiday weekend.
Locate and Remove Infections Quickly
Much of the security industry today focuses on keeping malware out altogether, which is an unrealistic goal. Your IT team should still have the right tools in place to do what it can to prevent malware from getting onto the network, but there also needs to be a plan for those cases when cybercriminals succeed.
The reality is that, at some point, malware will get in. Once this happens, it becomes important to find out exactly how the malware entered and which computers on the corporate network are infected. Otherwise, even after you remediate, you can’t be certain that it’s completely gone and won’t do further damage.
Have an Incident Response Plan in Place
While you can do what you can to prevent business interruptions over Cyber Weekend, and year-round, there’s always the possibility that a cybercriminal will get in and stay in. So now what do you do? Have discussions with your IT team, your partners and your advisors so everyone knows their role in the event of an attack. Come up with a plan to keep the business running and the losses down. And think about your communications strategy. Maintaining customer trust is essential and proactive communication is sometimes a necessity.
Cyber Weekend is quickly approaching. Your focus is likely on ensuring website performance, checking inventory and promoting holiday deals to pull in the shoppers. But security should also be top of mind. These four security tips will keep the cybercriminals from ruining your Cyber Weekend.
Todd O’Boyle is a co-founder and CTO at Percipient Networks, an Allied Minds company.