No Holidays for Hackers
[Updated 12/15/2022] You may be planning to relax during the Christmas and New Year’s holidays, but cyber criminals aren’t. In fact, they’re counting on you to let your guard down during holidays and off-hours so they can have a better chance at getting away with their schemes. That’s according to a 2022 study that looked at the impact of ransomware attacks that happened on holidays and weekends.
The study found that organizations that didn’t have incident response plans in place or contingency plans for staffing were slow to respond. Slow response to a cyber intrusion means the bad actors have more time to move through an organization’s IT systems instead of being shut down at the endpoint where they entered.
Fortunately, response to cyber threats is just as fast during non-business hours as it is for business hours for XPERTECHS clients. Not only is our Security Operations Center (SOC) fully staffed but we have automations set up for faster-than-human response when a cyber intrusion is suspected.
Cyber Attackers Piggyback Holiday Messages
Reminders about potential cyber threats are helpful to keep security top of mind during the holiday season. The Cybersecurity and Infrastructure Security Agency (CISA) echoes the message to stay vigilant with cybersecurity during a time when many organizations are winding down and taking time off at the end of the year.
Hackers have a pattern of increasing their strikes on holidays and especially holiday weekends. CISA has reported that significant ransomware attacks took place on Mother’s Day weekend, Memorial Day weekend and the Fourth of July weekend in a 2021 study.
Cyber criminals not only increase their activity during holidays, they also tie their messages to the season hoping that people will not realize that they’re falling into a trap. For example, there’s usually an increase in requests for donations from charities at the end of the year so make sure that you examine all email to make sure that it’s legitimate.
Additionally, beware of look-alike websites of big-name retail and logistics companies that ask you to input personal or credit card information. And don’t do any financial transactions on unencrypted channels.
Cybersecurity Best Practices Defend Against Increased Threats
The CISA reminds government and private sector organizations of all sizes to maintain essential security best practices and they include the recommendation to include threat hunting in cybersecurity tactics. Threat hunting applications use Artificial Intelligence to identify unknown threats, unlike antivirus and firewalls which block known threats.
The way that these applications work is to learn about normal network traffic so that when something happens out of the ordinary, they can respond and stop the suspected intruder. Threat hunting is included in XPERTECHS’ DEFEND cybersecurity services.
CISA’s recommendations for protecting your organization from ransomware and other malicious software are the same as what we here at XPERTECHS have been advocating for quite some time. These include:
- Maintain an offline backup of your data.
- Don’t click on suspicious links.
- Secure and monitor remote desktop applications.
- Update your software and operating systems.
- Use strong passwords and multi-factor authentication.
- Secure your network with segmentation, filtering and port scanning.
- Secure and manage user accounts, including admin and super user accounts.
- Have an incident response plan ready.
Do You Have Cybersecurity Peace of Mind?
Cybersecurity isn’t a project or a checklist that you can look at once a year. It’s an ongoing process that needs to be managed and modified as the threat landscape changes. If you don’t have peace of mind about the security (and the future!) of your business, then get in touch and we’ll help you determine if your security posture matches up with your risk tolerance.