Be Wary of Ransomware and Holiday Season

cybersecurity

As the holiday season approaches, many people are starting to prepare for the rush of shopping and festive gatherings. We previously posted about the cybersecurity risks that holiday weekends pose. The end-of-the-year holiday season is no exception with ransomware attacks and holidays.

With its four-day weekend, food poisonings and door buster sales, the American Thanksgiving is always a threat. This year, Christmas could make hackers even more attractive because it falls on Saturday. Many companies will observe long weekends because of Saturday Christmas. Do you not recall the cyber attacks were common this year on the Fourth of July weekend?

This situation is so serious that the U.S. Cybersecurity and Infrastructure Security Agency released a bulletin warning businesses about cybersecurity threats posed by holidays.

Here is the warning statement from them:

CISA and FBI recommend that organizations monitor ransomware threats on weekends and holidays. CISA and FBI recommend that IT security personnel be “on-call” at these times in case of ransomware attacks.

 

Holidays are for Hackers?

“Could the holidays be for hackers? Hackers thrive on holidays. Hackers love holidays. You see, hackers thrive when they are away from the office. Therefore companies need to be on the alert as well as the MSPs that support them. 

IT and cybersecurity professionals also need vacations. Engineers are the most overworked IT professionals. These MSPs must find a balance between a restrained workforce and a protected client.”

You might consider having “Christmas in June” as a staffing option if you’re short of staff. Although this advice is not applicable to this year, it’s an important tip for MSPs for the future.

Back to the basics

Companies will find that it is important to remember the basics in order to have a safe holiday season.

It is easy to forget the basics while your thoughts are on Christmas cards, gifts, and plum pudding ingredients. It’s not just one way. Staff and employees or IT departments are also distracted by the holiday season.

Although IT departments and MSPs strive to automate as much of their work as possible, but that humans are responsible and can be distracted. All of us need to be vigilant and do regular patching.

For example, it imperative that staff shops using their own personal devices and not company computers.

While people need to take breaks and have downtime, they should still shop on their own devices. There are too many things that could go wrong when employees enter credit card numbers and get email confirmation links for shipping via company-owned devices.

Reset those accounts

The holidays are a great time to start a “password cleansing.”

In fact, people should always change their passwords at least once a year, but it is worth having everyone do it before the holiday season begins.

Multi-factor authentication (MFA), which is now in full force, is also a good time to make sure it is. MFA activates the most secure authentication tools, such as bio-metrics and a unique code sent to your mobile phone or smartphone. This will help protect online accounts.

End User

All year round, end-user training is vital. Companies can now deploy it at a low cost and effective price. MSPs can help.

Employees must be vigilant at all times especially when working with email. Hackers are likely to impersonate favorite retailers, couriers and holiday events as well as payment services. It is easy to accidentally click an incorrect link with all the holiday cheer.

Seasonal Staff

Seasonal employees are another risk that holiday workers face. This risk could be accidental or malicious.

For example people may leave passwords on sticky notes to make it easy for seasonal employees to access Wi-Fi or other logins. Obviously this is not a good idea in general. Also, seasonal staff may not be as well-trained as regular staff.

“Seasonal employees will not be as steeped into company culture as staff who work year round. While there may be some people who are looking to cause trouble, others might inadvertently stumble into a cybersecurity problem.

New Year

New Year’s Day is also a major holiday.

“But, because it falls at the end of a string holiday there is a lot cyber-fatigue by this point. Many people believe that Christmas is over once they have lost their mind. Hackers know this and might take advantage of your ineptness to launch an attack.”

You’ll enjoy a happy holiday season if you stay alert

About JNS

We deliver enterprise level cybersecurity solutions as well for the SMB market. Get Multi-Layered Security That Protects Against Threats.  Respond To Cyber Attacks and let us help you adopt a cyber resiliency plan to mitigate risk & ensure business continuity.

 

cybersecurity

As the holiday season approaches, many people are starting to prepare for the rush of shopping and festive gatherings. We previously posted about the cybersecurity risks that holiday weekends pose. The end-of-the-year holiday season is no exception with ransomware attacks and holidays.

With its four-day weekend, food poisonings and door buster sales, the American Thanksgiving is always a threat. This year, Christmas could make hackers even more attractive because it falls on Saturday. Many companies will observe long weekends because of Saturday Christmas. Do you not recall the cyber attacks were common this year on the Fourth of July weekend?

This situation is so serious that the U.S. Cybersecurity and Infrastructure Security Agency released a bulletin warning businesses about cybersecurity threats posed by holidays.

Here is the warning statement from them:

CISA and FBI recommend that organizations monitor ransomware threats on weekends and holidays. CISA and FBI recommend that IT security personnel be “on-call” at these times in case of ransomware attacks.

 

Holidays are for Hackers?

“Could the holidays be for hackers? Hackers thrive on holidays. Hackers love holidays. You see, hackers thrive when they are away from the office. Therefore companies need to be on the alert as well as the MSPs that support them. 

IT and cybersecurity professionals also need vacations. Engineers are the most overworked IT professionals. These MSPs must find a balance between a restrained workforce and a protected client.”

You might consider having “Christmas in June” as a staffing option if you’re short of staff. Although this advice is not applicable to this year, it’s an important tip for MSPs for the future.

Back to the basics

Companies will find that it is important to remember the basics in order to have a safe holiday season.

It is easy to forget the basics while your thoughts are on Christmas cards, gifts, and plum pudding ingredients. It’s not just one way. Staff and employees or IT departments are also distracted by the holiday season.

Although IT departments and MSPs strive to automate as much of their work as possible, but that humans are responsible and can be distracted. All of us need to be vigilant and do regular patching.

For example, it imperative that staff shops using their own personal devices and not company computers.

While people need to take breaks and have downtime, they should still shop on their own devices. There are too many things that could go wrong when employees enter credit card numbers and get email confirmation links for shipping via company-owned devices.

Reset those accounts

The holidays are a great time to start a “password cleansing.”

In fact, people should always change their passwords at least once a year, but it is worth having everyone do it before the holiday season begins.

Multi-factor authentication (MFA), which is now in full force, is also a good time to make sure it is. MFA activates the most secure authentication tools, such as bio-metrics and a unique code sent to your mobile phone or smartphone. This will help protect online accounts.

End User

All year round, end-user training is vital. Companies can now deploy it at a low cost and effective price. MSPs can help.

Employees must be vigilant at all times especially when working with email. Hackers are likely to impersonate favorite retailers, couriers and holiday events as well as payment services. It is easy to accidentally click an incorrect link with all the holiday cheer.

Seasonal Staff

Seasonal employees are another risk that holiday workers face. This risk could be accidental or malicious.

For example people may leave passwords on sticky notes to make it easy for seasonal employees to access Wi-Fi or other logins. Obviously this is not a good idea in general. Also, seasonal staff may not be as well-trained as regular staff.

“Seasonal employees will not be as steeped into company culture as staff who work year round. While there may be some people who are looking to cause trouble, others might inadvertently stumble into a cybersecurity problem.

New Year

New Year’s Day is also a major holiday.

“But, because it falls at the end of a string holiday there is a lot cyber-fatigue by this point. Many people believe that Christmas is over once they have lost their mind. Hackers know this and might take advantage of your ineptness to launch an attack.”

You’ll enjoy a happy holiday season if you stay alert

About JNS

We deliver enterprise level cybersecurity solutions as well for the SMB market. Get Multi-Layered Security That Protects Against Threats.  Respond To Cyber Attacks and let us help you adopt a cyber resiliency plan to mitigate risk & ensure business continuity.