As we look to unplug and refresh this holiday season, it’s important to remember that these are the times that cybercriminals look forward to as well, though for very different reasons!
In the latest CISA and FBI reports, organizations are urged to remain vigilant against ransomware and cyber threats this holiday season, as this is the time when attackers are on the move. This comes as a large burden to IT security departments, as the security of their organizations rest in their hands. A recent report found that a whopping “two out of every five CISOs reported missing out on a national or federal holiday like Thanksgiving because they had to work.”
9 out of 10 cybersecurity professionals previously hit by a holiday or weekend ransomware attack say they’re worried another will happen ahead of the winter holidays.
“The FBI is dedicated to combatting cyber-crimes targeting the American public and our private sector partners. Cyber criminals have historically viewed holidays as attractive times to strike,” said FBI Cyber Assistant Director Bryan Vorndran.
Historically, bad actors have taken advantage of this time of year as well as weekends to infiltrate organizations and attack when security teams may be off.
As a team dedicated to the security of others with managed services such as Guardian 365, we know the heightened risks of not having the resources to dedicate to security 24×7 throughout the year. It can be a scary and overwhelming predicament if you are unsure as to your security posture and chances of detecting breach when it happens.
Valuable information and links to consider this holiday season:
- Internet Crime Complaint Center(IC3) | Home Page
- Reminder for Critical Infrastructure to Stay Vigilant Against Threats During Holidays and Weekends | CISA
- Holiday Traveling with Personal Internet-Enabled Devices | CISA
- Guardian 365 Managed Security Services
“We will continue to provide cyber threat information and share best safeguard practices. We urge network defenders to prepare and remain alert over the upcoming holiday weekend and report any suspicious activity to www.ic3.gov,” said Vorndran.
At the very least, we recommend ensuring the following security barriers are implemented and deployed before enjoying the break:
- Back up important data
- Have an incident response and communication plan
- Educate employees to spot suspicious activity, such as phishing emails
- Mandate single-use passwords for all employees
- Avoid public wi-fi
- Use multi-factor authentication
- Use Azure Active Directory + Active Directory
- Look at Microsoft Sentinel, Microsoft 365 Defender, Microsoft Defender for Cloud
Our team is always a click or call away. If you would like to talk security with us, please reach out anytime. Wishing you a safe and secure holiday season this year and always!