Cyber Criminals Have Holiday Cheer Too (But for a Different Reason)
As all of us welcome this holiday season with cheer- cyber threat actors also welcome a new and cheerful opportunity to exploit your organization’s cybersecurity in the hopes of a big holiday payout. One thing we know is not on your Christmas list this year is ransomware.
Cyber-attacks generally increase during the holiday season for a plethora of reasons, some of them being; more sensitive data to steal online, increased network strain due to high levels of online traffic, and IT professionals out of the office during the holidays, slowing down response times.
For ransomware, the holiday season brings a higher chance of success for cybercriminals. In one study by Continuity Central, Where they surveyed 1,203 cyber security professionals, they found that holiday and weekend ransomware attacks result in greater revenue losses than ransomware attacks on regular weekdays, with one-third of respondents saying their organization lost more money from a holiday/weekend ransomware attack. In 2021, CISA and the FBI released an alert due to the increase in ransomware attacks. They stated, “we have observed an increase in highly impactful ransomware attacks occurring on holidays and weekends—when offices are normally closed.” “…we encourage all entities to examine their current cybersecurity posture and implement the recommended best practices and mitigations to manage the risk posed by all cyber threats, including ransomware.”
Here’s the real kicker to drive it home– 2021 saw a rise in ransomware attacks by 92.7% compared to 2020, with over 2,690 attacks reported in 2021.
By definition, human error refers to something having been done unintentionally that caused a negative result. In the most recent study, carried out by Statista, it was reported that of 1,000+ MSPs, human error was the single most significant accounting factor that led to the successful carry out of ransomware attacks. A staggering 54% was attributed to spam/phishing emails, 27% to poor user practices/gullibility, 26% to a lack of cybersecurity training, 21% to weak password/access management, and 10% to lost/stolen user credentials. We can’t prevent human error one hundred percent of the time, but we can intentionally put safeguards, security tools, and practices in place that can dramatically reduce the risks of human errors that lead to a successful ransomware attack. Listed below are ways organizations can effectively reduce their risk.
1. Patch Your Systems
Software vulnerabilities are one of the most common entry points hackers will use to gain a foothold on your organization to carry out ransomware. Various operating systems and software with these vulnerabilities need to be patched regularly. Forgetting to patch vulnerabilities can leave an entryway for threat actors to exploit and use to demand ransom money.
2. Train Your Employees
Because human error is the leading cause of successful ransomware attacks, training staff to identify and prevent attack attempts remains a vital part of any organization’s cybersecurity strategy. Specific topics for training employees include; the importance of solid passwords/password management, social media information privacy, indications of a phishing attack, and secure emailing and file sharing. Employees are even more prone to falling for an attack during the holiday season because their minds are switching to holiday mode. They will be paying less attention as they look forward to spending time off with their families. Conducting a refresher of employee cybersecurity training right before the holiday season may be in your best interest.
3. Monitoring Your Attack Surface
Organizations should monitor their entire threat surface daily for suspicious activity that could signify a vulnerability that could open them up to a ransomware attack. If an organization does not have the resources to house its own security operations center (SOC) that will analyze logs, scan for vulnerabilities and conduct spot checks, then hiring an outside cybersecurity company, such as AgileBlue, is in their best interest. AgileBlue’s SOC-as-a-Service provides 24/7 monitoring, threat detection, cloud-based SIEM, and response to identify a breach before it can bring a ransomware attack to your doorstep.
4. Credential Hygiene
Organizations should ensure that employees and users are equipped with solid credentials that cannot be brute-forced (i.e., passwords or credentials that cannot be guessed). This goes hand-in-hand with one of the training elements that should be taught to employees. Organizations must also monitor access to critical information and regularly remove former employees and users from having access.
5. Deploy Security Tools
Organizations should first identify where there may be vulnerabilities and opportunities for hackers to steal critical information and implement the appropriate tools to safeguard against a breach. Organizations should have a set of security tools they employ to bolster their overall security posture. Some of these tools include eXtended Detection and Response (XDR), multi-factor authentication (MFA), data backups, password managers, and anti-spam software, to name a few. At AgileBlue, we provide 24/7 monitoring, extended visibility, analysis, and response across networks, clouds, apps, and endpoints through our SOC|XDR platform.
To learn more about how AgileBlue can protect your organization from the risks of ransomware this holiday season and throughout the year, check out our comparison page to read about all we offer, or fill out the form below to speak with a member of our team.