Cyber-attacks are becoming increasingly common during weekends, holidays, and vacation periods. Attackers take advantage of the fact that employees are less vigilant, and many are out of the office during this time. The days off around Christmas and New Year are no exception. Companies should be particularly vigilant during this period.
According to FBI and the Cybersecurity and Infrastructure Security Agency (CISA) in the US, the holiday season may see an increased number of cyber attacks – and not just those related to Christmas and New Year’s celebrations. “The agencies suggest that cyber criminals are strategically targeting holidays and evening hours (OBH – Outside Business Hours) to compromise the integrity of corporate networks. Hackers know that very few employees responsible for infrastructure functioning and security are in the offices at these times. Although those in charge of IT are usually on standby, the ability to respond to a security incident is dramatically prolonged, all depending on the quality and availability of reports from monitoring systems. This is why larger companies are investing in 24/7 security monitoring, SOAR tools and Incident Response services,” says Petr Kocmich, Soitron’s Global Cyber Security Delivery Manager.
Attackers also exploit the fact that employees are less cautious during vacation and more easily succumb to social engineering or phishing attacks. For instance, many users handle emails and work-related matters using smartphones while on holiday, leading to a decrease in their vigilance.
• Phishing – attackers send out fraudulent emails that appear to be from a trustworthy source, such as an employer. These emails often contain a link or attachment that may contain malicious code, which may trigger an attack on the company’s IT infrastructure.
• Ransomware – attackers block access to data or systems and demand a ransom to restore them.
• Supply chain attacks – attackers attempt to target the company’s suppliers or partners to gain access to sensitive data or systems.
To avoid being attacked, companies need to take several precautions. Among the most important is regularly educating staff (including administrators and senior management representatives) about security risks and the best practices to avoid them. Network and system monitoring is crucial – companies need to have a system in place to detect suspicious activity. Security experts also recommend using the cyber security services of specialized companies.
According to Kocmich, larger companies are investing in continuous security monitoring, Incident Response services, and implementing solutions that help them respond to security incidents, often automatically, thus minimizing the risks associated with holiday attacks. Statistics show that attackers increase their efforts during vacation periods and take advantage of the reduced number of staff in offices, which plays into their hands in carrying out sophisticated attacks that may go unnoticed for a long time.
Indicators of suspicious activity include anomalies in network traffic, changes to administrative rights, and suspected credential theft. Companies should invest in comprehensive security solutions, including continuous monitoring, risk analysis and preventative measures.
“Cyber security is an important topic all year round, but it is even more important during the holiday and vacation season. Companies must not relax the security of their systems and data to avoid cyber attacks. After all, attackers never sleep and never take a holiday,” says Kocmich. He urges companies to manage cyber risks, implement security strategies, harden system configurations using best practices, and regularly patch vulnerabilities. They should also implement tools to increase visibility, detect and respond to security incidents, the continuous security monitoring of IT infrastructure, and any anomalies in the behaviour of systems and users. What’s equally important is educating users of possible risks.
We are in the process of finalizing. If you want to be redirected to our old version of web site, please click here.