The holiday season has arrived, and cyberattacks are expected to increase with the upcoming celebratory events. According to The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) 2022 Holiday Season Threat Trends and summary report, ransomware and phishing attacks are expected to increase in retail. With the FIFA World Cup 2022, many cybersecurity experts have advised heightened caution about online impersonation scams and phishing campaigns. Looking back at 2021, studies show a 30% increase in ransomware attacks, and a 70% increase in attempted ransomware attacks during the holiday season, compared to the monthly average. It is clear that the holiday season exposes many organizations to an increased risk of cyberattacks.
Reasons why cyberattacks increase during the holiday seasons.
- IT professionals are out of the office – Holidays mean fewer in-office employees operating during that time. This results in drawbacks, such as distracted employees, fewer employees responding to threats, and longer response times, all of which contribute to higher chances of success for cyber-attacks.
- Phishing emails and fraudulent websites – By targeting well-known shopping days, such as “Black Friday”, and Christmas sales, threat actors use phishing emails and fraudulent websites to lure consumers which enables the attackers to obtain sensitive information, and install malware on systems.
- High network traffic – Company networks are strained due to high network requests and traffic. This leverages threat actors to easily penetrate systems and launch Distributed Denial of Service attacks (DDoS). According to the 2022 California Business Journal, DDoS attacks increased over the year by 109%, and each attack costs between $20,000 and $40,000 for every hour it continues.
Common cyberattacks during the holiday season
The Hacker News has defined a list of the most common cyber-attacks that occur during the holiday season.
The highest active malware that affects many organizations mainly during the holiday season, ransomware denies access to data until a ransom is paid. According to the 2022 IBM Cost of a Data Breach Report, ransomware costs an average of $4.54 million, which is higher than the average cost of a breach of 4.35 million. Ransomware represented a greater portion of the breaches this year. Threat actors can execute ransomware through malicious links in a phishing email or through malicious code in a hijacked website. Defensive techniques, such as proper email filtering, strong password policies, and least privilege access can reduce the risk of becoming a ransomware victim.
2. Phishing emails
Emails providing various unbelievable offers and deals, disguised as originating from legitimate companies, is the most common tactic of email fraud during the holiday season. It also includes false alerts about services that someone has subscribed to, such as bank or telecommunication services, in return for requesting personal details to repair the alleged problem.
The IBM report indicates that 16% of the attacks were phishing attacks, which cost an average of $4.91 million. Maintaining phishing email filters, disallowing downloading of attachments, and cybersecurity training will reduce the risk of phishing attacks.
3. Data Breach
Data breaches can happen through various cyber-attacks, such as malware infection, phishing, ransomware, and password attacks. These attacks mainly occur because the employees are more distracted during the holiday season, and through negligence by not following the security protocols properly.
Due to the massive amount of important data being circulated online during the holiday season, threat actors are motivated to capture valuable data as much as possible. Of course, security awareness training, and maintaining a security culture can prevent breaches at their earliest stages. One strategy to raise awareness during this festive period could include holiday-themed security messages.
4. Distributed Denial of Service (DDoS) attacks
Interruption of a business’s resources due to a DDoS attack is a considerable loss that a company cannot tolerate. It would lead to dissatisfied customers, loss of revenue, and damage to the reputation of the brand. While DDoS attacks are not as popular as they were, due to the relative ease of launching a ransomware attack, this attack type is no longer high on most risk registers.
However, this should not prevent an organization to assess the risk, as well as the possible impact of such an event. Organizations need to prepare their assets and technologies to withstand DDoS attacks. Most internet service providers offer DDoS prevention services, and this should be weighed against the risk.
5. Breached Passwords
The most common way that a threat actor would try to compromise a system is through breached passwords. Compromised credentials remain the most common initial attack vector. Therefore, organizations need to implement strong password protection policies and protocols among employees. The latest password managers offer corporate-class versions that can remove a lot of the problems associated with weak, and reused passwords. Multi-factor authentication is also a requirement to further protect against brute-force password attacks.
Tips to protect your organization against cyber-attacks for the holidays
- Conduct cybersecurity training for employees – Providing proper training and awareness to employees about cyber threats and attacks and how to mitigate them, encouraging proper cyber-hygiene.
- Scan, update, and patch vulnerabilities – Make sure to discover the vulnerabilities in your network and systems before attackers do, and patch and update them based on their risk to the organization.
- Avoid single points of failure – Having all your digital assets in a single location makes it easier for attackers to compromise and cause maximum damage. If your organization cannot afford to build redundancies to avoid the single point of failure problem, make sure that your disaster recovery plan accounts for that. The cost of operating a hot site could offset the cost of full-failover systems. Having many backups and categorizing assets to different locations minimizes the damage caused.
- Create an incident response plan – Just as the disaster recovery plan can help to prepare for disruptions, preparing your staff to understand the need to handle security incidents that might occur during the holidays can mean the difference between business success, and failure. There are creative ways to reward those who jump to help the business in the event of an emergency during a holiday.
Many statistics have shown that cyberattacks increase during the holiday season, and both businesses and consumers are widely affected. Phishing and ransomware attacks are the most frequent attacks, and threat actors are highly attentive during the holidays to take advantage whenever possible.
Since many employees are distracted during the festive season, and due to the increase in online transactions, cyber-attacks are more likely to take place. Therefore, it is crucial that organizations have proper cyber security strategies in place to prevent these attacks and protect their systems and customers.
About the Author:
Dilki Rathnayake is a Cybersecurity student studying for her BSc (Hons) in Cybersecurity and Digital Forensics at Kingston University. She is also skilled in Computer Network Security and Linux System Administration. She has conducted awareness programs and volunteered for communities that advocate best practices for online safety. In the meantime, she enjoys writing blog articles for Bora and exploring more about IT Security.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.