Reduce Cyberattack Risk During the Holiday Season

Read More

The holiday season is for time spent with family, large dinner spreads, and making memories with those we cherish. And, while most professionals rest up to be refreshed for the New Year ahead, organizations are often jolted awake.

Why? It boils down to two words: cyberattack spikes.

Around the globe, organizations of all sizes find themselves at the mercy of cybercriminals and data thieves because, during the holidays, threat actors become more active and ramp up their attacks against organizations... particularly those that are closed or understaffed.

To protect themselves, all organizations should be more aware of the risks of cyberattacks during this time of year. More importantly, they should take early and proactive steps to reduce cyberattack risks.

Here are tips from our ethical hackers to keep your data safe this season:

Why Do Cyberattacks Increase During Holidays?

Although many frequently associate "the holidays" with December, due to the large number of holidays within it, the fact is that any individual holiday comes fraught with cyber risk.

In 2018, security researchers in the U.S. noted almost 900,000 ransomware attacks during the (U.S.) Thanksgiving holiday– a 432% increase over a similar period in 2017. In July 2021, on Independence Day, at least 1,500 businesses in 17 countries, including Canada, were affected by a ransomware attack on IT firm Kaseya.

In September 2021, the FBI released an advisory warning Americans of potential cyberattacks that may occur over the Labor Day weekend (September 4-6). The alert followed reports of increased cybercrime activity during the Fourth of July holiday (Kaseya) and also earlier in May, during the Memorial Day weekend (the attack on JBS) and Mother’s Day weekend (the attack on Colonial Pipeline).

Flash forward to 2023, and this trend only continues to grow: ransomware attacks in recent years have annually spiked by up to 40% in December, with frequent breaches of enterprise resources. Once hackers gain initial access to the enterprise network, they escalate privileges to move laterally across the environment and gain maximum control over a maximum number of systems. An enterprise with a small cybersecurity staff will take longer to notice the attack and remediate or implement damage control. Ultimately, the threat actor can cause severe damage.

The Ransomware-Holiday Connect

Ransomware attacks are a particularly huge problem during holiday weekends. Many attacked organizations prefer to have their systems unlocked, and their data released immediately rather than wait out the weekend. Further, to minimize long-term risks, ensure business continuity, and protect their reputations, they’re more likely to pay out the ransom attackers' demand. Cybercriminals know this and take full advantage.

Ransomware actors sometimes infiltrate an enterprise system and then spend days or weeks inside before finally launching an attack – often over long weekends. To reduce cyberattack risks, organizations must proactively look for potential points of access within their systems.

They must also keep an eye out for suspicious or anomalous traffic patterns to detect potentially dangerous adversaries who may well turn out to be instruments of a serious catastrophe.

How to Reduce Cyberattack Risk During the Holiday Season

  • Conduct cybersecurity awareness training programs for staff: While it may look like a basic step, conducting a refresher session on the dangers of phishing and other cyber threats for your organization’s staff can be extremely valuable. Because of the increased workload, especially over the holidays, your employees are more prone to phishing, social engineering, and even charity fraud. Ransomware attacks are profitable and are relatively simple to execute. Simple precautions can mitigate risk, such as not clicking URLs in emails from unknown senders and keeping operating systems and programs up to date. A training session could remind people to be cautious about what messages they read, preventing them from opening a Trojan horse accidentally. Employees must be aware that they must continually assess unusual or suspicious messages or documents and report them to IT and security departments. It is critical to emphasize this topic in regular educational programs

  • Have a contingency plan ready: While having a robust incident response plan in place is crucial all year, updating it and ensuring your staff are aware of it during the holidays may be advantageous in keeping you safe. Ensure your firewalls are up to date and all your data is encrypted. It’s also a good idea to plan for short-term or temporary staffing. Organizations should ensure that a solid contingency plan is in place and that responsibilities are acknowledged and understood across all departments to avoid delays and increased risks.

  • Diversify your systems to avoid a single point of failure: Most organizations put all of their assets in one location; this makes it much easier for attackers to gain access. One compromised system can cause a lot of damage to your organization. Having your assets spread across multiple accounts makes it more difficult for cybercriminals to access them and provides you more time to prepare a defence when your resources are stretched thin. Even if you can’t prevent an attack, spreading your eggs across multiple baskets minimizes the damage to your business if one location is compromised

  • Make sure your security systems are up to date: Employee training, firewall protection, anti-virus, anti-spam, wireless security, and online content filtration tools should all be part of your organization’s cybersecurity strategy. If you work in retail or another industry that uses POS systems, be aware that these systems can be vulnerable to a cyberattack, potentially exposing customer data and leading to most damage for such organizations. A POS network failure means no card transactions, which can mean no sales as many consumers no longer carry cash. It’s essential to make sure your security and backups are up to date


Despite these unsettling realities, holiday weekends don’t have to be a cybersecurity disaster for Canadian organizations. Planning, a robust cybersecurity strategy, and strong cybersecurity controls can help companies reduce cyberattack risks and protect their assets and data. Strengthening human and technical defences during the holidays is also important. One way to do this is through enterprise-wide cybersecurity awareness. Another is to conduct a thorough and detailed penetration test.

Take advantage of our penetration testing services and strengthen your defences. Click here to know more about our service coverage, or here to get a free quote.

Featured Posts

See All

- Blog

London Drugs Gets Cracked By LockBit: Sensitive Employee Data Taken

In April 2024, London Drugs faced a ransomware crisis at the hands of LockBit hackers, resulting in theft of corporate files and employee records, and causing operational shutdowns across Canada.

- Blog

Q-Day And Harvest-Now-Decrypt-Later (HNDL) Attacks

Prime your knowledge about post-quantum encryption and risks it creates today via Harvest-Now-Decrypt-Later (HNDL) attacks.

- Blog

The Price vs. Cost of Dark Web Monitoring

Learn more about the price vs. cost of Dark Web Monitoring in 2024, as well as the launch of Packetlabs' Dark Web Investigators.