Skip to main content

Threats Reduce Cyberattack Risk During the Holiday Season

The holiday season is for time spent with family, large dinner spreads, and making memories with those we cherish. And, while most professionals rest up to be refreshed for the New Year ahead, organizations are often jolted awake.

Why? It boils down to two words: cyberattack spikes.

Around the globe, organizations of all sizes find themselves at the mercy of cybercriminals and data thieves because, during the holidays, threat actors become more active and ramp up their attacks against organizations... particularly those that are closed or understaffed.

To protect themselves, all organizations should be more aware of the risks of cyberattacks during this time of year. More importantly, they should take early and proactive steps to reduce cyberattack risks.

Here are tips from our ethical hackers to keep your data safe this season:

Why Do Cyberattacks Increase During Holidays?

Although many frequently associate "the holidays" with December, due to the large number of holidays within it, the fact is that any individual holiday comes fraught with cyber risk.

In 2018, security researchers in the U.S. noted almost 900,000 ransomware attacks during the (U.S.) Thanksgiving holiday– a 432% increase over a similar period in 2017. In July 2021, on Independence Day, at least 1,500 businesses in 17 countries, including Canada, were affected by a ransomware attack on IT firm Kaseya.

In September 2021, the FBI released an advisory warning Americans of potential cyberattacks that may occur over the Labor Day weekend (September 4-6). The alert followed reports of increased cybercrime activity during the Fourth of July holiday (Kaseya) and also earlier in May, during the Memorial Day weekend (the attack on JBS) and Mother’s Day weekend (the attack on Colonial Pipeline).

Flash forward to 2023, and this trend only continues to grow: ransomware attacks in recent years have annually spiked by up to 40% in December, with frequent breaches of enterprise resources. Once hackers gain initial access to the enterprise network, they escalate privileges to move laterally across the environment and gain maximum control over a maximum number of systems. An enterprise with a small cybersecurity staff will take longer to notice the attack and remediate or implement damage control. Ultimately, the threat actor can cause severe damage.

The Ransomware-Holiday Connect

Ransomware attacks are a particularly huge problem during holiday weekends. Many attacked organizations prefer to have their systems unlocked, and their data released immediately rather than wait out the weekend. Further, to minimize long-term risks, ensure business continuity, and protect their reputations, they’re more likely to pay out the ransom attackers' demand. Cybercriminals know this and take full advantage.

Ransomware actors sometimes infiltrate an enterprise system and then spend days or weeks inside before finally launching an attack – often over long weekends. To reduce cyberattack risks, organizations must proactively look for potential points of access within their systems.

They must also keep an eye out for suspicious or anomalous traffic patterns to detect potentially dangerous adversaries who may well turn out to be instruments of a serious catastrophe.

How to Reduce Cyberattack Risk During the Holiday Season

  • Conduct cybersecurity awareness training programs for staff: While it may look like a basic step, conducting a refresher session on the dangers of phishing and other cyber threats for your organization’s staff can be extremely valuable. Because of the increased workload, especially over the holidays, your employees are more prone to phishing, social engineering, and even charity fraud. Ransomware attacks are profitable and are relatively simple to execute. Simple precautions can mitigate risk, such as not clicking URLs in emails from unknown senders and keeping operating systems and programs up to date. A training session could remind people to be cautious about what messages they read, preventing them from opening a Trojan horse accidentally. Employees must be aware that they must continually assess unusual or suspicious messages or documents and report them to IT and security departments. It is critical to emphasize this topic in regular educational programs

  • Have a contingency plan ready: While having a robust incident response plan in place is crucial all year, updating it and ensuring your staff are aware of it during the holidays may be advantageous in keeping you safe. Ensure your firewalls are up to date and all your data is encrypted. It’s also a good idea to plan for short-term or temporary staffing. Organizations should ensure that a solid contingency plan is in place and that responsibilities are acknowledged and understood across all departments to avoid delays and increased risks.

  • Diversify your systems to avoid a single point of failure: Most organizations put all of their assets in one location; this makes it much easier for attackers to gain access. One compromised system can cause a lot of damage to your organization. Having your assets spread across multiple accounts makes it more difficult for cybercriminals to access them and provides you more time to prepare a defence when your resources are stretched thin. Even if you can’t prevent an attack, spreading your eggs across multiple baskets minimizes the damage to your business if one location is compromised

  • Make sure your security systems are up to date: Employee training, firewall protection, anti-virus, anti-spam, wireless security, and online content filtration tools should all be part of your organization’s cybersecurity strategy. If you work in retail or another industry that uses POS systems, be aware that these systems can be vulnerable to a cyberattack, potentially exposing customer data and leading to most damage for such organizations. A POS network failure means no card transactions, which can mean no sales as many consumers no longer carry cash. It’s essential to make sure your security and backups are up to date

Conclusion

Despite these unsettling realities, holiday weekends don’t have to be a cybersecurity disaster for Canadian organizations. Planning, a robust cybersecurity strategy, and strong cybersecurity controls can help companies reduce cyberattack risks and protect their assets and data. Strengthening human and technical defences during the holidays is also important. One way to do this is through enterprise-wide cybersecurity awareness. Another is to conduct a thorough and detailed penetration test.

Take advantage of our penetration testing services and strengthen your defences. Click here to know more about our service coverage, or here to get a free quote.

Featured Posts

See All
What is an Initial Access Broker?

June 12 - Blog

What is an Initial Access Broker?

What is an initial access broker? With the emergence of Ransomware as a Service, operators often rely on initial access brokers to obtain an initial foothold on the network. Learn more today.

Read More

May 31 - Blog

New Ransomware Technique Emerges: Fake Ransomware Support

A new ransomware scam uses fake tech support tricking victims into paying for their files back: a novel technique designed to socially engineer victims among a number of fake ransomware attacks.

Read More

May 23 - Blog

Attack Surface Mapping for Proactive Cybersecurity

What is the Attack Surface and why does it matter? This article outlines the process of Attack Surface Mapping to ensure a comprehensive and proactive cybersecurity program.

Read More
Packetlabs Company Logo
    • Toronto | HQ
    • 401 Bay Street, Suite 1600
    • Toronto, Ontario, Canada
    • M5H 2Y4
    • San Francisco | HQ
    • 580 California Street, 12th floor
    • San Francisco, CA, USA
    • 94104
Contact Us
Partner Program
Learn
Careers
Services
About
Packetlabs Portal
FAQ
LinkedIn Icon SquareX Icon SquareFacebook Icon Square
Cyber Right Now
CREST Logo
AICPA SOC 2 Logo
Clutch 2023 Certification Logo

© 2024 Packetlabs. All rights reserved.

Privacy Policy