It is a time when many are thinking of their families and loved ones, time off work, and gift-giving – the holidays. However, while many have their minds outside the realm of work during the holiday season, often, this is when attackers plan their most sinister attacks.
So how can you take precautions to protect your organization during these times?
Why holidays put your company at risk of cyberattack
Attackers today do not have a soft spot for businesses and give companies a break at any time of the year, especially not during holidays. On the contrary, any time of the year where companies may be less prepared to fend off a cyberattack is an opportunity for successful compromise. As a result, the holidays put your company at a higher risk of cyberattack.
Most end-users do not think about cybersecurity when surfing the web or receiving emails with holiday deals during the season. As a result, many let their guard down to a certain degree and become preoccupied and distracted more than usual. Increased distraction from the end-user perspective and less scrutiny of emails and websites where holiday discounts and offers may be displayed can provide the perfect opportunity for attackers using phishing scams or malicious advertisements.
Additionally, IT operations and SecOps teams may be short-staffed with staff out on vacation during the holidays. It creates a situation of increased risk to business-critical data with potentially fewer resources to help mitigate risks and breaches if they happen.
Earlier this year, the FBI and Cybersecurity & Infrastructure Security Agency released a general alert:
“The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have observed an increase in highly impactful ransomware attacks occurring on holidays and weekends—when offices are normally closed—in the United States, as recently as the Fourth of July holiday in 2021.”
Common Cybersecurity Risks during this Holiday
Ransomware is by far one of the most sinister threats to organizations and their data today. With the increased threat of successful phishing attacks and visits to malicious websites, the chances of your business getting infected with ransomware drastically increase.
Threat actors may entice users to click on a malicious link in a phishing email or perform a drive-by attack using malicious web code on a hijacked website. Either way, it can be a gateway for ransomware infection.
One of the easy ways that attackers can compromise environments is by using phishing emails. Phishing emails masquerade as communications from legitimate companies. Attackers have become proficient in making phishing emails appear legitimate, from the logos, wording, images, and other styling associated with the email.
During the holiday season, end-users are generally “click-happy” and may not scrutinize emails and other communications as closely. As a result, attackers may use the flood of email communications to infiltrate the organization’s perimeter with a phishing attack.
Data breaches are a critical cybersecurity threat for organizations worldwide. The implications and financial fall-out from a data breach event can be tremendous.
Data breach costs increased significantly year-over year from the 2020 report to the 2021 report, increasing from $3.86 million in 2020 to $4.24 million in 2021. The increase of $0.38 million ($380,000) represents a 9.8% increase. This compares to a decrease of 1.5% from the 2019 to 2020 report year. The cost of a data breach has increase by 11.9% since 2015.
Data breaches can occur intentionally, unintentionally, or due to malicious cyberattacks. For example, an employee may accidentally share data they shouldn’t share or do this intentionally. In the holiday season, employees are more distracted with holiday plans or other activities and, by extension, more apt to expose data. Additionally, with the increased ransomware threat, the list of modern ransomware variants threatening data leaks is growing.
Distributed Denial of Service (DDoS) attacks
Another threat for businesses around the holidays is Distributed Denial of Service (DDoS) attacks. According to the statistics, the volume of Distributed Denial of Service (DDoS) attacks increases around the holidays.
In addition, since the beginning of the global pandemic in 2020, online shopping and retail have increased dramatically as more individuals prefer online shopping.
Attackers know the damage caused by DDoS attacks now is more costly to businesses, especially around the lucrative holiday season.
One of the most common ways attackers attempt to compromise environments is using compromised credentials. Obtaining compromised credentials is an easy, minimal effort attack vector that can lead to tremendous damage to business-critical data.
As mentioned, employees are more distracted and prove to be easier targets around the holidays. Phishing emails, aside from launching a ransomware attack, can be used to harvest legitimate credentials. A growing business on the dark web is Initial Access Brokers. The Initial Access Broker provides criminals with legitimate and verified user accounts for a price. It allows attackers to purchase credentials on the dark web, so the hard work of getting access to the environment is already complete.