While many of us pack theaters, some people are dealing with the cybersecurity holiday season, that dangerous time of year filled with breaches, attacks and threats far more frequently than any other time of year. Salesforce forecasts year-over-year online sales growth of 4% globally and 1% in the US in November and December, reaching $1.19 trillion and $273 billion, respectively. The surge in IT business is a welcome challenge to any organization, many of which generate their highest monthly sales volume during those few months.
The chaos and volume of the holiday season doesn’t just affect retail organizations. Partners, developers, manufacturers, supply chain, technology providers, communications providers, transportation, support systems and more are involved in orchestrating a smooth and successful holiday shopping season. All of these organizations rely on technology to create, sell, deliver, transport and collaborate. The season’s impact is broad and broad, with connections that span organizations.
For threat actors, this translates into opportunities
The increase in threat activity isn’t just due to the volume of transactions made via technology. During that season, a perfect storm is brewing, a culmination of complexity, resource limitations, and vulnerability.
Three threats are most prevalent during the holiday season:
-
The increase in traffic upsets the balance. As business picks up, networks are strained and employees are busier than usual. Slower networks can leave a company more vulnerable to Denial of Service (DoS) attacks, and employees with limited resources may not be able to respond to threats as quickly as possible in other seasons. Attempted ransomware attacks, for example, are a 70% increase is expected in November and December, compared to January and February, with frequent attacks by threat actors assuming activities with limited resources he will simply pay the ransom.
-
The offers are often too good to be true. Phishing attacks are also increasing as consumers shopping on their employers’ networks are more likely to click on a link while searching for a better deal, to stay within their holiday budget. According to experts, there is a 30% increase. in the average number of ransomware attacks during the holiday period compared to previous months.
-
The experts have left the building. Employees are often away from the office on holiday between the months of November and January, offline, bringing with them their experience and in-depth knowledge of specific systems. This increases the overall vulnerability of an organization.
Prepare a defense
While the threat of a cyber attack is inevitable, what you Candies control is how prepared you are for a threathow quickly you can respond and your ability to promptly report such a crisis to regulators, customers and partners.
For companies aiming to improve their preparedness, I suggest taking some crucial steps.
-
Identify your team: It outlines the roles and responsibilities of everyone from internal stakeholders to external partners such as legal, insurance and forensics. Having this clarity in a crisis facilitates a more efficient and rapid response.
-
Have a plan: Focus on developing a plan with concrete tasks and next steps that allow your team to mobilize quickly and efficiently.
-
Put your plan into action: Simply having a plan in place is not enough. In my experience as an incident response operator, I have encountered numerous situations where organizations had plans but never put them into practice, resulting in an inability to efficiently restore their operations. As my high school hockey coach often said, “Practice makes perfect.” and this also applies to incident response plans and almost everything else in life.
-
Have a place to communicate safely and confidentially: I have seen threat actors compromise IR engagements due to an IT staff inadvertently sending a corporate email to the CEO during a real-time ransomware incident, thus informing the threat actor that digital forensics and threat response were involved. accidents, legal and insurance aspects. We continue to see this happen in the industry. Creating a safe, out-of-band place to communicate and collaborate is an integral part of response and recovery efforts.
The holidays may be the most wonderful time of the year, but they are also the most common time for cyber attacks. With a few simple steps, however, you can make great strides in ensuring your business is prepared for whatever the next few months have in store.