Black Friday is upon us and as I’m sure you know, it comes hand in hand with lucrative tech discounts from across the industry. For businesses however, it brings its own set of challenges, and I don’t mean the swathes of angry shoppers fighting over televisions. As consumers flock to websites to snap up a bargain, hackers will be making the most of it by launching large scale attacks.
Black Friday whilst not native to the UK, has begun to claw its way into the market in a big way. According to an article by CBRonline,
“More than two thirds of internet users in the UK will be shopping, spending more than four hours searching for Black Friday deals online. UK consumers are expected to spend a staggering £2.3 million a minute on Black Friday, a 19 percent increase on last year.”
Clearly Black Friday means big business for retailers, I’m sure if you check your inbox right now there will be a slew of email marketing campaigns. It wasn’t always used to describe a day of deals and bargains though. Wikipedia tells us:
“The earliest evidence of the phrase Black Friday applied to the day after Thanksgiving in a shopping context suggests that the term originated in Philadelphia, where it was used to describe the heavy and disruptive pedestrian and vehicle traffic that would occur on the day after Thanksgiving. This usage dates to at least 1961. More than twenty years later, as the phrase became more widespread, a popular explanation became that this day represented the point in the year when retailers begin to turn a profit, thus going from being "in the red" to being "in the black"
Our team have been helping to keep retailers in the black all year round and Black Friday is no exception. According to our statistics, this time last year saw the majority of websites we protect experiencing increased activity throughout the week, peaking on the actual Black Friday. Overall, we saw an increase of 150-200% of traffic coming through our security solution: FGX-Web.
This meant that at times, the traffic was three times the normal level, or even more. However, the increase was gradual with Black Friday at its centre. It wasn’t a sudden spike of activity that suddenly appeared on the 24th, it progressed throughout the week.
Let’s take a look at a couple of specific examples. As it’s business sensitive data, the company names will remain anonymous on this occasion.
Company 1: On average they experience roughly 0.5 – 0.6 million hits per day. On the 24th, they had 3.5 million hits, then on the 25th they saw 3.2 million hits. This relaxed somewhat at 1.2 – 1.3 million per day for the next week or so.
Company 2: This business had a typical daily request count of less than 2million and decided to kick start their Black Friday sale on November 18th. This saw their hits rise to 3.3 million, and gradually kept rising until it peaked at 8.3 million on November 24th.
Due to the sheer volume of traffic that was passing through our Web Application Firewall (WAF) last year, it had to be completely re-engineered in preparation for this year. Our WAF is now able to sustain ten times the workload that it experienced during the last Black Friday event.
It’s capable of handling the massive increase in customer interaction whilst simultaneously withstanding large scale attacks. Even if something did for some reason go wrong, it also comes packaged with a backup plan just in case.
To avoid any unpleasant surprises, planning for key events like Black Friday should form part of a comprehensive risk strategy. By reviewing fundamental cyber security controls recommend as part of schemes like PCI DSS and Cyber Essentials, plus conducting regular network and penetration testing, retailers can help to ensure that critical business periods do not end in financial and reputational disaster.”
With the improvements that have been implemented through the re-engineering, Black Friday is no longer a worry for our defences. We’re confident that this Black Friday, all of our customers will be safe in the knowledge that they’re protected by our cutting-edge technology.