It is a time when many are thinking of their families and loved ones, time off work, and gift-giving – the holidays. However, while many have their minds outside the realm of work during the holiday season, often, this is when attackers plan their most sinister attacks.
So how can you take precautions to protect your organization during these times?
Attackers today do not have a soft spot for businesses and give companies a break at any time of the year, especially not during holidays. On the contrary, any time of the year where companies may be less prepared to fend off a cyberattack is an opportunity for successful compromise. As a result, the holidays put your company at a higher risk of cyberattack.
Most end-users do not think about cybersecurity when surfing the web or receiving emails with holiday deals during the season. As a result, many let their guard down to a certain degree and become preoccupied and distracted more than usual. Increased distraction from the end-user perspective and less scrutiny of emails and websites where holiday discounts and offers may be displayed can provide the perfect opportunity for attackers using phishing scams or malicious advertisements.
Additionally, IT operations and SecOps teams may be short-staffed with staff out on vacation during the holidays. It creates a situation of increased risk to business-critical data with potentially fewer resources to help mitigate risks and breaches if they happen.
Earlier this year, the FBI and Cybersecurity & Infrastructure Security Agency released a general alert for increased vigilance for ransomware attacks during holidays. You can read the warning here: Ransomware Awareness for Holidays and Weekends | CISA. In part, it states:
With upcoming holidays in the U.S. and worldwide, organizations must remain vigilant and on guard to protect against many forms of attack. Let’s look at the following common cybersecurity risks during this holiday season:
Ransomware is by far one of the most sinister threats to organizations and their data today. With the increased threat of successful phishing attacks and visits to malicious websites, the chances of your business getting infected with ransomware drastically increase.
Threat actors may entice users to click on a malicious link in a phishing email or perform a drive-by attack using malicious web code on a hijacked website. Either way, it can be a gateway for ransomware infection. Note the following ransomware attacks over a holiday:
To protect against ransomware, organizations must put the appropriate security measures in place, including:
Is ransomware costly to businesses? According to the IBM Cost of a Data Breach 2021 report, ransomware is highly costly to your business:
One of the easy ways that attackers can compromise environments is by using phishing emails. Phishing emails masquerade as communications from legitimate companies. Attackers have become proficient in making phishing emails appear legitimate, from the logos, wording, images, and other styling associated with the email.
Without appropriate security protections in place, an end-user simply must click on the malicious link, and the damage begins. For example, suppose there are no zero-trust or micro-segmentation boundaries in place. In that case, the ransomware can freely crawl across the network and infect anything on which the user has “write” or “modify” permissions.
During the holiday season, end-users are generally “click-happy” and may not scrutinize emails and other communications as closely. As a result, attackers may use the flood of email communications to infiltrate the organization’s perimeter with a phishing attack.
Again, cybersecurity basics come into play to protect against phishing emails, like the protections listed for ransomware:
Data breaches are a critical cybersecurity threat for organizations worldwide. The implications and financial fall-out from a data breach event can be tremendous. The IBM Cost of a Data Breach Report 2021 cites:
Data breaches can occur intentionally, unintentionally, or due to malicious cyberattacks. For example, an employee may accidentally share data they shouldn’t share or do this intentionally. In the holiday season, employees are more distracted with holiday plans or other activities and, by extension, more apt to expose data. Additionally, with the increased ransomware threat, the list of modern ransomware variants threatening data leaks is growing.
Another threat for businesses around the holidays is Distributed Denial of Service (DDoS) attacks. According to the statistics, the volume of Distributed Denial of Service (DDoS) attacks increases around the holidays.
In addition, since the beginning of the global pandemic in 2020, online shopping and retail have increased dramatically as more individuals prefer online shopping.
Attackers know the damage caused by DDoS attacks now is more costly to businesses, especially around the lucrative holiday season.
According to current forecasts, DDoS attacks will reach a record 11 million by the end of 2021. Knowing this, organizations must design their network mitigations and server technologies with the ability to withstand more significant DDoS attacks.
One of the most common ways attackers attempt to compromise environments is using compromised credentials. Obtaining compromised credentials is an easy, minimal effort attack vector that can lead to tremendous damage to business-critical data.
As mentioned, employees are more distracted and prove to be easier targets around the holidays. Phishing emails, aside from launching a ransomware attack, can be used to harvest legitimate credentials. A growing business on the dark web is Initial Access Brokers. The Initial Access Broker provides criminals with legitimate and verified user accounts for a price. It allows attackers to purchase credentials on the dark web, so the hard work of getting access to the environment is already complete.
According to the IBM Cost of a Data Breach Report 2021, compromised credentials were the most common initial attack vector, accounting for 20% of breaches. In addition, compromised credentials are among the costliest and lead to a longer data breach lifecycle than other types of data breaches as they are more challenging to detect. To combat this threat, organizations must bolster their password policies and implement adequate breached password protection.
Increasing the security of Active Directory passwords and implementing breached password protection are critical to bolstering cybersecurity posture during the holidays. Unfortunately, native Active Directory password policies lack modern features to protect user accounts from weak passwords, incremental passwords, and significantly breached passwords.
Specops Password Policy helps to overcome these challenges. Note the following features.
In addition, Specops Password Policy provides the following benefits:
Learn more about the password protection provided by Specops Password Policy and start a free trial.
Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.