It’s the time of year when many people’s thoughts turn to a well-earned summer break. However, while it’s important to recharge after a stressful 12 months, the fact remains that cybercriminals such as hackers don’t take holidays. In fact, data shows that the festive season is often when they are at their most active.
Seasonal phishing
During busy times of year such as the festive season, it can be easier for some staff to be more distracted and less focused. Phishing attempts that may not have worked at other times of the year suddenly prove successful.
For example, an email may arrive that appears to have been sent by a workmate or friend containing an attachment called “Christmas Card”. Opening the attachment can immediately infect the staff member’s computer with malware such as ransomware. This can then quickly spread to other systems on the network.
Alternatively, there might be a phone call from a party purporting to be the organisation’s internet service provider during which a staff member is asked to confirm their log-in details. This may lead to a type of attack known as business email compromise – one of the most costly attacks that can strike an organisation.
The issue is exacerbated when workflows are changed during the holiday season. Where it may seem odd at any other time of year, when a request for data files arrives seemingly from a senior manager, it may be actioned without second thought.
Lower levels of support
Security problems are also made worse by lower-than-usual levels of IT support. With a greater number of people away, queries about strange messages or unusual behaviour on devices may go unanswered, thereby allowing an unauthorised party to remain active within an infrastructure for an extended period.
Support might also be lower than usual if senior IT staff are on holiday and their roles are being covered by more junior members of the team. Alerts could go unnoticed or not undertaken as quickly as they should.
Security breaches may also occur when system upgrades and changes have been scheduled to be completed during a holiday period when user numbers are lower. If defensive measures are not configured correctly or components turn off but not back on again, access points may be inadvertently created that can be exploited by hackers.
Steps for better holiday security
In light of the increased risks that exist, there are some steps organisations should take to shore up their defences during the holiday break. They include:
- Regular staff security awareness training;
Because users remain the weakest link in the security chain, conducting regular security awareness training is vital. Explain the nature of the threats and what steps need to be taken to thwart them. - Maintain a strong security team – or outsource it to a provider:
While many people will take time off, it’s important there is always some experienced IT security personnel in place at all times. Check to ensure that rosters will allow this, or consider outsourcing it to a managed security services provider. - Maintain patching practices:
Software patches are issued throughout the year and it can be dangerous to delay their application. This is especially important when new zero-day attacks emerge. - Begin the new year with a full security review:
To ensure systems are protected throughout the next 12 months, begin the year with an audit of security measures to determine what changes might be required.
Hackers may not take holidays, but there are a range of steps an organisation can take to ensure they remain safe from attack throughout the year, including the busy holiday season. Consider the measures you should have in place during this time of year.
