Like any other people, many believe that hackers try to take a break and work less during the festive season. However, this is not the case. In fact, cybercriminals end up doing extra hours during the holidays as they know that companies and individuals often let their guard down around this time.
Attacks are more likely to succeed as many Americans decide to hit the road or spend more time with their family. Both FBI and CISA issued a reminder aimed at critical infrastructure organizations to stay vigilant against threats during holidays and weekends. This should also be considered an alert for individuals and small and medium businesses to remain on top of cyber security procedures during the jolly season.
The government agencies reminded everyone of the multiple attacks that happened over the last twelve months. Those should be considered a sign that cyber security actors likely located on the other side of the world will actively look for ways to disrupt the critical networks and systems belonging to everyone associated with such infrastructure. Hackers know that many employees will be far away from work or just be home with the family enjoying the festivities, and this is precisely the time they may attack.
Both individuals and organizations need to be always on alert about potential threats such as possible ransomware attacks. Earlier this year, hackers successfully attacked many organizations on holidays such as July 4th and Mother’s Day weekend. It won’t be surprising if they end up attacking during the festive season of 2021 too. For example, the Japanese tech giant Panasonic, a company with significant presence in the USA, was just hit in November. The tech conglomerate confirmed a data breach after hackers gained access to its internal network earlier this year.
Bad actors want to see your guard down and dislike attacking targets that are too hard. So, similar to when hacking, they explore ways to go around obstacles. And the downtime for many employees during the holiday season is the perfect opportunity for cybercriminals to strike as they meet less resistance. The end of the year is also stressful for many employees. Distracted people are more likely to open phishing emails and click on links they are not supposed to.
Ensuring that you are protected against phishing scams, spoofed websites, and unencrypted financial transactions is a must. Individuals could rely on backups and reputable antivirus software. Business entities must always be a step further with designated IT security employees immediately available in an emergency. Activating multi-factor authentication wherever possible and practicing good password hygiene is always helpful too.