Thanksgiving and the winter holidays are fast approaching, bringing tides of joy, holiday spirit, and a few extra days away from work. Normally a time for R&R with family and friends, U.S. holidays are quickly becoming a target-rich environment for internationally sanctioned cyberattacks.
According to the FBI and the Cybersecurity and Infrastructure Security Agency (CISA), there is a pattern of increased “highly impactful” attacks occurring during and around holidays in the United States. The agencies suggest that cybercriminals strategically target American holidays to breach enterprise networks because they know offices are short-staffed and response times to cyber events are likely to be dramatically reduced.
Further, because employees often travel during and around holidays, companies may need to call in third-party experts to handle a breach. The result is more valuable time for hackers to propagate a ransomware attack, for example, as the outside experts take stock of a new network.
A Pattern of Attack
On July 2nd, 2021, as people prepared for the first semi-normal holiday since the beginning of the pandemic, the Fourth of July, a Russian-based ransomware-as-a-service (RaaS) group was busy launching a cyberattack against third-party vendors of Kaseya, a U.S. software company based in Miami. The breach affected about 1,500 businesses and the attackers demanded a ransom of $70 million.
The Kaseya hack is part of an established pattern of large cyberattacks targeting organizations around holidays.
- Thanksgiving 2013: Target experienced a seismic breach of 1,797 of its stores
- Christmas 2020: A Russian-backed cybergang released sensitive data from private organizations and the United States military, in the SolarWinds hack
- Memorial Day Weekend 2021: The same Russian group tried sending phishing emails to hundreds of companies, though the attack is considered a failure
As noted by the FBI and CISA, there is a clear strategic design to the timing of certain cyberattacks—holidays are open season. That is why they strongly encourage increased thoroughness in evaluating your security posture leading up to holidays—especially holiday weekends—and not letting your guard down even if you feel confident in your defensives. Key – talk to your IT Services providers often about these issues.
What steps can your organization take to mitigate holiday cyberattacks?
Preparing for Cyberattacks Around Holidays
The solution to the prevalence and severity of cyber threats does not and should not need to be maintaining a full staff and refusing employees time off during holidays.
To protect your business’s most valuable asset—your data—there are two extremely valuable preventative steps you can take to mitigate the likelihood of a holiday attack.
Conduct Penetration Testing
To stop a criminal, it is helpful to think like one. That is the notion behind penetration testing, which employs a third-party organization to perform an “ethical hack,” seeking to infiltrate your business and find flaws in your security that hackers might exploit before they do.
Pen tests provide valuable information about vulnerabilities in your security posture that you can patch and improve before they are exposed. At Sidechain Security, we recommend annual penetration testing–at a minimum–to remain vigilant against the most novel hacking tactics. Completing a pen test before the winter holiday season may be a strategic time to ensure your organization has a quiet November and December.
Go Threat Hunting
In the short term leading up to a holiday, the FBI and CISA recommend businesses conduct preventative threat hunting. Like penetration testing, threat hunting requires evaluating your network and application security posture before an attack occurs. However, whereas pen testing tells you how cybercriminals might infiltrate your infrastructure, threat hunting identifies bad actors that may already be present in your network.
Hackers, or threat actors, can be present or dwell in your infrastructure before they act to steal and expose your data. They may spend time evaluating and enumerating your networks, systems, and applications to find exploitable weaknesses for critical damage and data exfiltration.
Threat hunting takes advantage of this tendency by searching for signals of illicit activity to expose cybercriminals before they can act and can cause harm to your network, ruining your holiday.
Playing Offense to Beat Back Hackers
Sometimes the best defense really is a great offense. Protecting your data–the organizational crown jewels your business depends on–demands being proactive and playing offense against threat actors. Combining penetration testing with threat hunting is most likely to grant your business the best holiday wish of all, a few stress-free days off.
Prepare for Holiday Attacks with Sidechain Security
If having a cybersecurity partner with more than two decades of industry expertise conducting security reviews and building reliable cyber infrastructures sounds useful for protecting your business around the holidays, look no further than Sidechain Security.
At Sidechain, we specialize in providing analysis unique to the safeguarding of your business and its data. Whether your organization needs to conduct penetration testing to uncover vulnerabilities in its security posture, or you require industry-leading employee security training, Sidechain is here to help.
To get started protecting your business, sign up for our free security assessment today to gain valuable insight into the current state and effectiveness of your cyber defense.
Are you sure your data is safe? Learn More: