Christmas - The most vulnerable time of the year for cyber attacks

Christmas is fast approaching and while you and your employees are gearing up for the festive season, so are the bad guys. Malicious actors don’t take a break during the holidays meaning your organisation's chances of being a victim of a cyber attack whilst you celebrate the holiday season increases. 

Reports suggest that 75% of cyberattacks happen at night, over the weekend or during the holiday season, meaning that an attack is a very real possibility.

Malicious cyber actors have often taken advantage of holidays and weekends to attack and disrupt critical networks and systems belonging to organisations, businesses, and critical infrastructure.

As prevention is better than cure, we have compiled our top 6 cybersecurity tips for employees and organisations alike so you can relax, be safe and merry over the festive season.

  

1. Take extra care with emails

More than 3 billion phishing emails are sent out daily and distraction is key to a successful attack. Christmas is a prime period for this, as employees are gearing up for the Christmas period and may not look for the signs of a phishing email as thoroughly as they would any other time of the year. 

It is crucial to recognise the signs of a phishing email and report them if you receive one. Bogus emails with malicious links or attachments could quickly unleash ransomware into your organisation's network and be detrimental to your business at its busiest time of the year.

Unfortunately, spotting a phishing email isn’t an exact science as malicious actors are continually changing the structure of the emails and increasing their sophistication. However, below is some guidance that if you apply to a suspicious email, will help you root out the majority of them:

• The email requests personal information 
• The email domain is suspicious
• The email contains web addresses which have hidden domains or shortened links
• The email contains a suspicious attachment
• The email creates a threat or sense of urgency
• The email is informal and contains spelling mistakes

For a more in-depth explanation, security consultant Daire Kennedy, details how you can best spot social engineering attacks to protect your organisation from cybersecurity threats in ‘Protecting Your Business From Social Engineering Attacks’.

  

2. Backup your critical data

Ransomware attacks encrypt critical data files so they cannot be accessed by an organisation. Even if the ransom is paid to malicious hackers, there is no guarantee that the information will be decrypted.

Data loss can happen to anyone and cause massive problems for businesses. Trying to get back vital information can be expensive, time-consuming and recovery is highly unlikely. While there are preventative measures you can take, the best way to protect yourself against data loss is to have a robust backup system in place.

Having an offline data backup of your most important files is important, not only to be prepared for a ransomware attack but to be prepared for any eventuality which could cause a loss of critical data.

  

Test Your Backups Regularly

Backups should be regularly tested and updated to ensure you have the data available in the event of a disaster.

The most basic approach to testing is to run through the restore process periodically. 

Performing these tests can be time-consuming, but if you don't do them, you run the risk of losing all your data if your backups fail unexpectedly.

Consider scheduling your backup update and testing to be completed before the holidays every year.

  

3. Update, scan & patch software

We all know how annoying it is when a pop-up appears on the screen telling us that a system or application needs updating. It’s so much easier to simply snooze it, and leave it for another day. But, when it comes to software and applications, it’s important to install the latest updates. 

Threat actors are always on the lookout for newly discovered vulnerabilities to exploit. If you have outdated (end-of-life) software, you could be exposed to weaknesses with no update.

  

4. Secure your organisation's devices

Strive to make certain that any devices your organisation use are as secure as possible to defend against attacks. This includes installing anti-virus software and securing your device configurations. 

 

Anti-virus software

Anti-virus software is one of the most commonly used cybersecurity tools. It protects against a variety of malware and unauthorised malicious software from gaining access to sensitive company information.

 

Secure device configurations

Although default configurations on new devices or software are convenient when you’re getting started, make sure you change the configurations immediately to reduce the risk of a breach or cybersecurity incident.

 

5. Go a step further by enabling MFA

Multi-factor authentication (MFA), also known as two-factor authentication (2FA), is an additional layer of security for any login in process.

MFA works by sending a verification code to a mobile number or authentication app, or using biometrics such as a fingerprint scan or face recognition scan to prevent unauthorised logins to accounts.

It is the best way to protect your organisation's accounts from malicious actors as it significantly reduces the risk of accounts being hacked and sensitive information being compromised.

  

6. Secure Your Networks

Network security is a broad term which covers a range of technology, devices and processes designed to protect the integrity, confidentiality and accessibility of a business's networks and data.

All businesses, regardless of size, industry or infrastructure, require a degree of security to their networks and systems to protect them from the ever-growing cyber threat landscape.

In this section, we concentrate on three main security aspects that you can quickly implement into your business.

   

Access Controls

Access controls essentially restrict access to the information within the business's data and services based on their role and the information they need to complete their job.

Access can be based on a number of factors such as authority and responsibility. In addition to this, access to computer resources can be limited to specific tasks including the ability to view, create or modify files.

 

Firewalls 

A firewall is a network security device that monitors incoming and outgoing traffic on a business network. The device permits and blocks data packets based on a predefined set of security rules. 

The device's main purpose is to establish a barrier between a business's internal network and incoming traffic from external sources in order to block malicious traffic such as criminal hackers or malware. This, in addition to a VPN, is vital for your remote workforce to ensure you have a robust cyber security posture to prevent cyber criminal attacks.

  

Virtual Private Network (VPN)

A Virtual Private Network (VPN) is an encrypted connection between a user's device and a network. It is one of the best ways to protect your business, especially when your business has employees who need remote access to internal applications and data. 

A VPN is one of the most important tools to keep a business protected from a data breach and provides businesses with secure remote access capabilities for remote workers.

  

Threat Management is not just for Christmas

Threat management isn’t just for the holidays, it's a necessity all year round. Your organisation needs to protect its sensitive information and critical assets by managing the full threat lifecycle by developing robust policies and procedures to mitigate risk and defend against cybersecurity attacks. 

  

Get our expert help

It is critical to be aware of the potential threats that are out there, and the mitigations outlined above can help to protect you from the many common attack vectors. However, it is also important to remember that what has been outlined here should not be considered as a comprehensive list of controls, but rather a good starting point for implementing a basic cyber hygiene strategy for your business.

If you would like to learn more about how Secora can help you protect your business, get in touch. Our team has the skills and expertise to work with your organisation on creating a robust cyber security posture that provides peace of mind in an ever-evolving cyber threat landscape.