The holiday season is one of the highlights of anyone’s year – including cyber criminals. With the highest transaction rates of the year, doors closing over the holiday period and everyone switching off after a long, tough year, businesses and individuals alike are prime targets for festive season cyberattacks. Here are some insights into the most common security risks facing businesses over this period, as well as tips to protect your employees and your business.
Threat #1 – Phishing Attacks
The run-up to the holiday season means a massive increase in email communications as businesses make orders and purchases, send out gifts, make charitable donations, and wrap up work for the year. This surge in email communication makes it easy for phishing emails to slip into the mix, targeting busy employees through sophisticated scams that look just like the real thing.
Replicating legitimate branding, these emails look like the real thing – but the links they contain take users to websites where personal and business details are requested. Something as seemingly harmless as order receipts, delivery status updates or order confirmations can easily hide malware. When your employee unthinkingly sends off their information, they can easily put sensitive personal or business information, or even money, directly into the hands of cybercriminals.
At this time of year, employees are tired and less focussed on work, which is understandable – but it makes falling for a phishing scam easier. Our advice is to have your IT team check your email security to ensure the strongest spam and phishing filters are in place, and so send out a memo reminding employees to check all emails carefully, not to click on any email links, and to double check with a manager or your IT team if something strikes them as suspicious.
Threat #2 – Direct Hacking Attempts
During the festive season, many businesses close their doors or work with skeleton staff, and that makes it easier for cybercriminals to directly attack networks and systems, as well as stay undetected for longer.
This can happen in two ways – either by remotely attacking your system through the internet, or gaining physical access to your offices and computers. Before you know it, cybercriminals can lock you out of your system using ransomware, steal personal and client data, or access business accounts. This is an especially significant issue for financial and retail sector businesses where data is especially valuable on the dark web, but attacks can happen on any business, in any industry, of any size – and they can lie dormant over the festive season until you return in the New Year.
So, what can you do? Firstly, ensure that your premises are properly secured over the holiday season. Security cameras should be working (and if possible, accessible remotely), access control systems should be functional, and physical security policies should be in place.
Secondly, your IT security should not be taking any time off. Use a partner that is able to offer their full services 24/7, every day of the year, so that your system can be continually monitored for threats, alerts responded to immediately, and IT security systems kept up-to-date at all times.
Threat #3 – Ransom Distributed Denial of Service (RDDoS) Attacks
RDDoS attacks use bots to overwhelm your website with more traffic than it can handle, causing the website to slow down and crash. While this is often targeted at retailers and ecommerce businesses that stay operational through the holiday period, it can cause massive problems for any online business the moment you start gearing up for 2021 operations.
The problem with RDDoS attacks is that any business can be attacked because the service requests the bots send to your server look completely legitimate – as if several million people have just decided to visit your website. Hackers can attack your network’s bandwidth with massive amounts of traffic, exploit vulnerabilities in your server’s resources or attack specific web applications.
The aim here is to bring your online assets to a grinding halt, with cyber criminals requesting businesses pay a ransom to stop the attack.
Employees should be aware of symptoms of a RDDoS attack, including internet disconnections, inability to access the website, excessive spam emails and slow file access. If customer complaints start stacking up about an inability to use your website, you need to act quickly.
Again, the best way to prevent this type of attack over the holiday season is to have an IT security team in place who is actively working and monitoring your networks 24 hours a day even while your business is closed. Not only can they act quickly when a threat is detected, they can put the right solutions in place to minimise your business’s appeal as a target.
Cybersecurity Solutions – Relax Knowing That Your Business Data is in the Right Hands
You deserve some quality time off, and the last thing you want to worry about is cyberattacks on your business. At Milan Industries, we’ll work with you to provide an affordable, state-of-the-art cybersecurity solution, and our team will be on alert through the festive season to keep your business secure to provide you with peace of mind.