Under Attack?
Search
Menu

A Perfect Cyber Storm: September 11th, Black Friday and Other Enticing Dates for Cyber Attacks

By Carl HerbergerSeptember 9, 2013

After reading this article and piecing through the motivations of the hactivist group illustrated in the story, I couldn’t help but think how the world of an information security professional is changing.

If you are like me, you understand that business is not only a collection of functions (e.g. IT, finance, sales, etc.) and processes (e.g. payroll, invoicing, shipping, developing, etc.) but also a sensitive machine, which is uniquely constructed to deliver value to its customers within a certain rhythm.

This rhythm is mysterious, but predictable and goes by many names depending on the industry, such as “seasonality” in retail, or “game time” in sports and bars, “prime time” in showbiz, and even “school time” for universities. In fact, in most businesses, revenue is ‘chunky’ – that is, most revenue is derived in very specific moments throughout the year. In fact, many companies rely on a just a few days every year for their fortunes:

  • Chocolate companies, like Godiva, revolve their whole business around four holidays including Mother’s Day, Valentine’s Day, Thanksgiving and Christmas
  • Fast food pizza companies, such as Domino’s and Papa John’s, rely heavily on sporting events throughout the year for their revenue, with the Super Bowl representing a lion’s share of revenue generated for the whole year
  • Retailers, in general, derive most of their yearly revenue from the period between Black Friday and Christmas, which is known as the Christmas Selling Season. However within that season, Black Friday, Cyber Monday and Black Saturday represent a high percentage of the sales for the holiday season
  • Charities sometimes have single fundraisers that define their whole year in terms of donations

So, now I know that dates and timing matters to businesses – when’s the optimum time to attack?

If a goal of DDoS attacks is to disrupt, disorient, shut down or otherwise silence an intended victim, why would it not make most sense to focus efforts where an attack would cause the most harm? Wouldn’t it be more effective to achieve the goals stated above during timeframes in which the business is at a peak capacity and requires peak performance, and slight disruptions are meaningfully reverberated throughout the environment? 
In fact, this is no longer conjecture; this is occurring on a wide scale and needs to be considered in a risk security profile of a business. The following are examples of recent attacks that occurred (or are threatened) during significant dates:

  • Columbian “Independence Day” cyber attacks
  • Recent election day cyber attacks in both Russia and Panama, among others
  • Threats against U.S. and Israeli interests on Sept. 11th

In addition, there are strong indications that cyber DDoS attackers are aware of the importance of a business cycle and are taking advantage of it with some notable examples, including:

  • Attack on the U.S. banking sector occurred during operational business hours and NOT during the weekend or during the middle of the night – U.S. time zones
  • Cyber attacks on politicians increasingly come during elections and on Election Day
  • Cyber attacks on Stock Exchanges routinely only occur during the trading day
  • Gaming sites are attacked when jackpots are the highest and potential disruption payouts are the most handsome

So, if dates and anniversaries represent new risks – what can we do about it?

This is clearly an area where prescriptive direction is fuzzy, however there are some generalities that can come into play.

There are many steps an organization can take in preparing for a credible threat of an attack, including the following:

  • As a Radware client, we suggest that all of our customers make certain that they are running the most up-to-date code and properly configured devices
  • Consider optimizing business-partner relationships to ensure high fidelity in attack detection and mitigation
  • Make current all key personnel contact lists and whereabouts (including local Radware resources)
  • Have contingency plans in place

In the end, we know that just like a major storm, the companies who prepare the most will be able to fare the best!

Posted in: Application Security DDoS Attacks SecurityTags:

Carl Herberger

Carl is an IT security expert and responsible for Radware’s global security practice. With over a decade of experience, he began his career working at the Pentagon evaluating computer security events affecting daily Air Force operations. Carl also managed critical operational intelligence for computer network attack programs to aid the National Security Council and Secretary of the Air Force with policy and budgetary defense. Carl writes about network security strategy, trends, and implementation.

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Contact Us Now

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Locations
Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program

CyberPedia

An Online Encyclopedia Of Cyberattack and Cybersecurity Terms

CyberPedia
What is WAF?
What is DDoS?
Bot Detection
ARP Spoofing

Get Social

Connect with experts and join the conversation about Radware technologies.

Blog
Security Research Center
Close

What are you looking for?