Cybersecurity in the spotlight: Black Friday and the challenges of a smooth shopping experience

  • Lisa Fröhlich
  • December 5, 2023

Table of content

    Cybersecurity in the spotlight: Black Friday and the challenges of a smooth shopping experience

    The Black Friday rush has faded. It’s time to look back on the past few days of bargain hunting and the start of the peak season for retailers in 2023. The Christmas shopping period presents retailers (both online and offline) with a double challenge: managing the rush of shoppers and protecting themselves from increased cyberattacks.

    After all, these weeks not only promise record sales but also attract cyber criminals who try to hide behind the increased traffic. Above all, distributed denial-of-service (DDoS) attacks are a serious threat.  

    Continuous sales growth on Black Friday

    According to a Bitkom survey, half of Germans planned which deals they wanted to purchase over the Black Friday weekend. Elsewhere, 63% of consumers wanted to buy both online and offline and take advantage of the offers. A look at the figures makes it clear that Black Friday has become an essential date in the calendar for many bargain hunters.  

    The shopping event has its origins in the USA. Traditionally, the Friday after Thanksgiving is considered a national bridge day, which has become one of the best-selling shopping days of the year. This year’s sales promotions once again generated record sales of 9.3 billion dollars for Shopify customers over the Cyber Weekend.  

    Since the online giant Amazon brought the concept to Germany in the mid-2000s with numerous discounts and special offers, Black Friday has similarly developed into a billion-dollar sales driver in this country. According to an analysis by e-commerce specialist Criteo, the shopping mood in Germany was particularly strong compared to other European countries.

    Here, traffic increased by 15% and completed sales by 12% compared to the previous year. However, with increasing success, the Cyber Weekend and the subsequent shopping season up to Christmas act like magnets for cyber criminals.  

    The danger of DDoS attacks

    DDoS attacks are one of the most classic threats in the digital space. The strategy is simple and effective: criminals bombard a website with many requests, which overload the server and/or the Internet connection. The consequences are serious: the affected site suffers considerable performance losses or even collapses completely.

    For online retailers, it is essential to prevent such a scenario in order to avoid frustration among shoppers, loss of sales, damage to reputation and financial losses. 

    Five times more DDoS attacks than in the previous year

    Link11 figures prove the explosive nature of the issue: the number of attacks on Black Friday weekend increased fivefold compared to the previous year. There were also several noticeable increases in attacks in the run-up to the shopping event. Both six and two weeks before the popular shopping day, a particularly high number of smaller DDoS attacks were recorded in the Link11 network, which could indicate that attackers had launched their first ransom DDoS attacks.

    To emphasize their potential claims, there was an increase in attacks shortly before Black Friday, with attack volumes significantly above the monthly average. A look at the third quarter of 2023 also shows that the threat to online retailers is traditionally on the rise. 

    Smart and efficient – DDoS attacks are becoming more intelligent

    The number of DDoS attacks larger than 8.5 Gbps has more than doubled compared to the same period last year. The significant increase of 130% is particularly worrying for small and medium-sized companies. Many of the companies use hosting packages with a performance of 10 Gbps. Internet connections of this size are therefore quickly paralyzed by attacks of this magnitude.   

    The dynamics of the attacks show an interesting shift. The number of single-vector attacks and attacks with more than nine vectors have decreased in the Link11 network. In contrast, the number of attacks with two to eight vectors has risen significantly. This suggests that attacks are becoming smarter and more efficient – cyber criminals are refining their tactics.  

    Instead of proceeding indiscriminately with many attack vectors, they are focusing on strategies with fewer – but more promising – vectors. The attackers also test whether a more complex attack is worthwhile. After all, why should they fire all their bullets if they encounter a well-protected system, and the attack is repelled in a matter of seconds?  

    The German Federal Office for Information Security (BSI) also warned of the danger of DDoS attacks on online retailers back in 2021: new attack technologies could be used more frequently during periods of high turnover. The BSI’s recommendation even then was to adapt protective measures to the increased capacities of the attackers. 

    What useful protection mechanisms are there for online retailers?

    In view of this threat situation, it is essential that online retailers take the risk of DDoS attacks seriously. Major players in e-commerce have implemented comprehensive protective measures for years. However, smaller and less tech-savvy online retailers can find it difficult to effectively protect themselves from increasingly sophisticated cyberattacks. Nevertheless, it is crucial for this target group to familiarize themselves with the most important DDoS protection measures before an emergency occurs. 

    One preventative measure is to adequately prepare your own e-commerce platform for the expected traffic. Joint forecasts by IT and sales as well as load tests in advance can provide information on whether the existing infrastructure can withstand the requirements. It is not only the pure server capacities that are decisive here, but also the resilience of the network and the applications. Bottlenecks should be identified and rectified at an early stage to ensure a smooth shopping experience for customers. 

    It is also advisable to outsource static content to content delivery networks (CDNs) to optimize loading times. During peak times, personalized content should also be temporarily deactivated to ensure smooth performance. Comprehensive preparation for potential IT bottlenecks and precise monitoring play key roles in ensuring that e-commerce platforms function optimally, even in times of increased data traffic. 

    Scalable solutions for DDoS protection

    Nevertheless, the conventional expansion of bandwidths and server capacities is reaching its limits. Particularly on days such as Black Friday, when traffic from normal shoppers increases massively anyway, DDoS attacks can cause considerable damage with little effort. This is where cloud-based, scalable DDoS protection solutions come into play. 

    These solutions are characterized by their ability to adapt to variable requirements in real time. They analyze data traffic, detect anomalies, and block malicious access even before it reaches the site’s infrastructure. By using cloud resources, such solutions can offer almost unlimited scalability.  

    This means that they can cope with sudden peak loads without any loss of performance. Even in the event of an attack, there is hardly any significant impact on business operations. This technology also enables smaller online retailers to protect themselves on a par with their larger competitors. 

    DDoS prevention as the key to security

    At a time when e-commerce is booming and competition is constantly increasing, the security of online stores is of crucial importance. Especially during the peak shopping season, cyber criminals should not be given the chance to jeopardize the success of retailers. Investing in DDoS prevention is therefore not only sensible, but necessary. 

    If you have any questions about our Web DDoS Protection or our Secure CDN, please feel free to contact us at any time and arrange a consultation with our security experts. 

    Link11 on the “Cybersecurity 500 List” for the third time
    Killnet, NoName057(16) and Anonymous Sudan are on the rampage – politically motivated attacks on critical sectors in Europe are increasing