Seasonal Preparedness: Black Friday & Cyber Monday, “Things Are Never So Bad They Can’t Be Made Worse”

While summarizing notable activities over the last week in this week’s Threat Dashboard, Brett Zupan and Dave Pounder focused on the beginning of the 2016 Holiday Threat Season and associated concerns regarding Black Friday and Cyber Monday. In the Dashboard’s Threat Focus they note, “Thanksgiving will mark the start of the 2016 holiday season with many coming together with family and friends to eat, drink, and be merry. However, this also marks the start of a period when organizations should reassess relevant risks and consider taking a heightened security awareness posture. This annual period of increased concern is extended during years of presidential administration transscreen-shot-2016-11-17-at-5-13-52-pmition, as many key security appointees are replaced with newer personnel as the new administration settles in late January and as many appointments may take months to fill. If not already initiated, now is the time to shift into that heightened awareness posture and start thinking about how to handle routine seasonal security concerns and emerging issues of the ever-changing threat environment. Gate 15 offers a selection of short-term considerations below, but we will continue to cover other holiday-related issues as the season continues.”

They expound on that further and add additional detail in our weekly Torpedo Report. “Thanksgiving and Black Friday mark the start of the holiday season for many Americans, providing a chance for people to get a head start on gaining holiday weight, for friends and families to see each other again, and for threat actors to take advantage of the distraction caused by this surge of activity to execute violent attacks.” Regarding the potential for terrorism activity, the Torpedo notes, “This is especially true in light of two recent jihadi online magazine releases, new issues of Daesh’s Rumiyah and al-Qaeda’s Inspire, that both urge lone actor attacks in the US, promoting followers to carry out terror attacks on holiday parades and political demonstrations or to continue to carry out random bombings and low-tech attacks against soft targets, with updated information on pressure cooker bombs and critiques of other recent attacks (to offer better tactics for would-be jihadists)… with coalition forces squeezing Daesh in the Middle East and North Africa, and the desire by both al-Qaeda and Daesh leaders and their fans to see a fear-inciting attack against the US, public gatherings, venues, transportation hubs, and shopping centers, among other “way of life” soft targets, will continue to be attractive. While numerous demands and details require leadership and staff attention, security leaders should keep focus on the big picture of their operations and address the most relevant risks their facilities, operations, and patrons may be exposed to during this period of heightened concern. With terror groups emphasizing low-tech attacks – like knives and vehicles in addition to guns and bombs – against the West, there are a multitude of variables to watch and balance against the needs for convenience and accessibility.”

On the cyber front, “According to a recent article in Fortune, the ‘upcoming holiday season will be the largest online shopping affair yet, with expectations of 11% biggest growth year over year (YoY) and $91.6 billion in total holiday online sales.’ The volume of online sales on Cyber Monday is expected to be the largest online shopping day in history and provides a great opportunity for hackers who are experienced with credit card theft, scams, and other malicious acts to profit and for others may use the day for hacktivist disruptions or just for mischief and amusement… Kaspersky’s 2016 Threat Overview for Black Friday and Cyber Monday specifically calls out phishing as the major tactic that scammers are utilizing during the holiday weekend, with online stores and payment systems as being the main targets.” The holiday season “could open the door for hurried processes and overwhelmed staff, which make tactics like business email compromise (BEC) scams more dangerous. Users also need to be concerned about malware, denial of service attacks, and spam, as hackers try to take advantage of customer’s interest in or businesses’ confusion during Cyber Monday.”

screen-shot-2016-11-17-at-5-13-02-pmThe complete Torpedo Report includes additional background and analysis as well as some preparedness and operational ideas for leaders to consider. This week’s reports and previous releases can be linked to from the “Reports” tab of this website.

November is National Critical Infrastructure Security and Resilience Month. It “builds awareness and appreciation of the importance of critical infrastructure and reaffirms the nationwide commitment to keep our critical infrastructure and our communities safe and secure. Securing the nation’s infrastructure is a national priority that requires planning and coordination across the entire community.” ( At Gate 15, we want to remind everyone to take the time to understand their critical infrastructure dependencies, assess your organization’s relevant risks, and take a prioritized approach to preparedness and operations.

To help leaders maintain active threat situational awareness, we distribute our (free!) daily paper and the above mentioned weekly products. Our team hopes they can help you achieve a sound background as you assess your organizational risks and then apply a threat-informed, risk-based and prioritized approach to preparedness and operations. If you’re not already signed-up, subscribe to our free products and receive them directly! Free reports include our daily paper, the Gate 15 SUN, with additional detail, focus and analysis in the weekly Threat Dashboard and Torpedo Report.

Follow our Gate 15 team on Twitter: @Gate_15_Analyst, subscribe to our free products and find us on LinkedIn (and check out our brand new Gate 15 page on LinkedIn – we’d love to have you “follow” us there!).

Leave a Reply

Your email address will not be published. Required fields are marked *