Why Hackers Love the Holidays

And what to do about it

As we move into this year's holiday season, cybersecurity remains a top concern for companies around the world. Here's why.

Hackers Love the Holidays

The strategy is simple. Wait until nearly all employees are away from the office. A long weekend, like Thanksgiving or July 4th, will do just fine. An extended break like Christmas through New Year's is even better. At this point, your target's defenses will be at the bare minimum, and their ability to launch an effective response will be greatly hampered. To make matters worse, for many businesses the holidays will be their busiest time of the year, ensuring that the resources that are available will be stretched their limits.

Hackers continue to use this technique year after year, and have only grown more successful at pulling it off. For example, last year's massive SolarWinds hack came right before Christmas and then showed up once again around Memorial Day. The Kaseya ransomware attack took place over the July 4th weekend. And the hack that halted operations at meatpacking giant JBS occurred on the eve of the Memorial Day weekend. The list goes on.

It's therefore no wonder that both businesses and governments consider cyberattacks to be a leading risk going into each holiday season.

What To Do About It

As with most risks, how you prepare will be key to your ability to defend, detect, and respond to most cyberattacks.

General advisories issued by CISA and the FBI encourage businesses to be especially vigilant in following industry best practices such as avoiding suspicious links, backing up data offline, updating software, and implementing 2FA. In addition, review and update your Business Continuity Plan. Businesses at an increased risk should consider running a tabletop exercise.

While bread-and-butter cyber hygiene may feel underwhelming, we find that the most damaging breaches often result from the simplest attacks. For example, a recent congressional investigation into the three largest breaches on 2021 noted that "small lapses led to major breaches. Ransomware attackers took advantage of relatively minor security lapses, such as a single user account controlled by a weak password, to launch enormously costly attacks."

Finally, to help make up for the decrease in human staff, Silent Breach recommends bolstering your capabilities via digital tools, such as a continuous monitoring platform, or a managed service provider who can look after things while your team is away.

How We Can Help

Don't go into this holiday season without a plan. Silent Breach experts can help keep you protected with a range of award-winning solutions:

Vulnerability Audits: Our experts are available to conduct a tailored vulnerability audit of your infrastructure and create a detailed mitigation plan designed to protect against this year's leading attack vectors.

Managed Services: We offer everything from a vCISO to a full SoC to ensure that if anything happens, we'll have you covered.

Quantum Armor: In addition, we're offering a 30-day free trial of Quantum Armor, our attack surface management platform, to help more businesses stay protected this winter.

Talk with one of our representatives today to learn more about how we can help improve your security.

Similar Reads:
The Rise of the Virtual CISO
Top Four Cloud Security Tips for 2021
Securing Communication Channels in the Enterprise Environment

About Silent Breach: Silent Breach is an award-winning provider of cyber security services. Our global team provides cutting-edge insights and expertise across the Data Center, Enterprise, SME, Retail, Government, Finance, Education, Automotive, Hospitality, Healthcare and IoT industries.