It’s that time of year again. The weather is bitter, the days are short, and the festive cheer is finally upon us. But Santa Claus isn’t the only person coming to town.
‘Tis the season for cybercrime, say experts, warning enterprises to stay vigilant as cybercriminals flock in their masses to take advantage of the holiday season.
Last Christmas, cyber attacks hit an all-time high, with more than 300,000 phishing attacks being recorded in December – three-times more than they were less than two years ago.
That number is set to increase even more this year. The number of Cyber attacks has been surging all year long, with a staggering 90% of organisations falling victim to cyber attacks over the past six months.
”Cyber attacks, as our reports point out, continue to increase, especially more so around such special holiday seasons such as Christmas,” Charlie-Lee Adams-Kruger, country manager for South Africa at Checkpoint, told ITWeb.
“Both ransomware and phishing are the order of the day for companies and individuals, so no one is exempt from danger,” he added.
As enterprises close their doors to celebrate the festivities, experts warn that they must adequately prepare themselves against cyber grinches, whose threat is more heightened than ever before.
How Christmas puts your company at risk
With people around the world scrambling to do their last-minute online shopping at this time of year, it comes as no surprise that the number of phishing email victims increases tenfold.
Individuals are more vulnerable to phishing scams when they are frantically looking for gifts, so Cybercriminals are creating enticing, seasonally appropriate phishing campaigns to exploit this.
When an individual’s festive vulnerability to phishing scams enters the enterprise, the results can be disastrous. All it takes is one employee to click on a suspicious email and a whole company can be infiltrated and attacked.
Once an attack strikes, its effect is further amplified by the distraction of the festivities. Many companies are extremely short-staffed, or have no staff at all, making it difficult for them to adequately respond to attacks when they happen.
Then there’s the fact that many people overindulge during the Christmas period. In 2021, Cybereason found that 70 per cent of respondents surveyed admitted to being intoxicated while attempting to defend their company against ransomware attacks.
This leads to a perfect storm of circumstances that allows malicious actors to strike and cause serious damage during the festive season.
To read more about phishing attacks, visit our dedicated Business Continuity Page
Constructing a solid Christmas contingency plan
For companies to be able to fight the ‘cyber Christmas curse’, cybersecurity experts suggest they must build robust cyber defences to prevent attacks before they happen.
The first step is to ensure employees do not fall for phishing scams, which are the most common tool used by threat actors during the festive period.
One way a company could do this, according to Keven Knight, Chief Operating Officer and cofounder at Tailon, is by “creating a company code/signal for Christmas-themed emails (such as work parties and Secret Santa) to highlight to co-workers that the email is, in fact, safe”
In addition to measures like this, companies must ensure they keep all defence systems up to date and scan for vulnerabilities regularly, especially before the surge in cybercrime during Christmas and New Year.
As cybercriminals become more capable and sophisticated than ever, there are only so much employees can do to protect themselves, so it is critical that every organisation plans ahead and invests in solid defence measures.