As a certain famous TV ad keeps saying in its jingly way, Holidays are coming and with the festive season comes the time of year when most businesses and organisations are at their most vulnerable. In this blog we look at the biggest threats you’re likely to face over the Christmas season.
They know when you are sleeping
As in the rather disturbing (think about it!) yet beloved song about Santa Claus, cyber criminals know that Christmas is the best time to take advantage of businesses. They know that most businesses operate with less staff over the holiday season, and they know that most people's minds are on the festivities rather than the security of their place of employment.
Tis the season to be Phished
The most common form of cyberattack goes into overdrive in the run up to Christmas as scammers and other threat actors seek to exploit peoples' desires for bargain presents (or cheap, escape from the family holidays).
Those who are distracted can accidentally give away important personal details, business credentials, and other information vital to the security of their business such as passwords and bank details. If they click on a malicious link, they could also download malware onto the business network.
Integrity 360’s incident response team has seen an upsurge in the number of malicious emails being sent by threat actors in recent weeks and with the much talked about cost-of-living crisis they have another topic they can use to try and dupe unwitting consumers and businesses.
Read more about Phishing HERE
Yule be sorry if Ransomware strikes
Perhaps the most dreaded form of cyber-attack, Ransomware is often the result of phishing emails and can do a lot of damage to a business. Ransomware as a Service (RaaS) is on the rise and ransomware gangs were very active over the course of the year. Data shows that attempted ransomware attacks soar by as much as 70% in the months of November and December, compared to January and February.
With Christmas coming up, all businesses and organisations should up their vigilance as emails containing ransomware could be seasonally related and share tempting shopping offers or playing on fears that parcels need collection or Christmas present deliveries were missed.
Read more about Ransomware HERE
Rebels without a Claus, it’s the Insider Threat
Christmas is an opportune time for malicious insiders to do some damage to a business. Disgruntled employees and vengeful ex-employees are a major threat to organisations and with the Christmas period often seeing offices being run with less staff they can get up to mischief and have a better chance of getting away with it. Christmas parties in the office are not advised as drink and disgruntled employees are not a good mix. Ensure all security measures that you normally have in place stay in place over the Christmas and holiday season, including physical security. Make sure passwords are updated and sensitive information is stored securely.
When it comes to accidental insiders (those employees who mistakenly cause a security breach) ensure that all employees are well trained and if needs be run a refresher course in the run up to Christmas.
Read more about the Insider Threat HERE
The Cyber Skills shortage and Lowered Defenses are snow joke
We touched on this a bit earlier, but it warrants repeating. Most people's thoughts are on the big day, presents, family and travel rather than on the job during this period.
With less staff in the office there’s more opportunities for a threat actor to slip by security measures and with less eyes monitoring networks it is the perfect time for hackers to attempt to breach a network undetected. Businesses should invest in Managed Detection and Response services to ensure this doesn’t happen.
Read more about the cyber skills shortage HERE
A Proactive Incident Response management service gives you access to our experienced Cyber Incident Response Team (CIRT) who can quickly recognise and contain the threat, reducing your response time and minimising the impact. Get in touch to learn more.
