As we approach the upcoming Thanksgiving holiday, organizations should be paying close attention to potential cyberattacks coming their way, if history offers any indication of what’s to come.
According to the Carbon Black Threat Analysis Unit (TAU), organizations saw a 20.5% increase in attempted cyberattacks between November and December of 2016. If this trend continues in 2017, organizations should be extra vigilant, as these attacks often begin around the Thanksgiving holiday.
There are a lot of nuances that come into play during the holidays, but most companies are going to be scrambling to find security team members who are willing to work or stay on-call during the holiday hours. It’s also important to take into account the size of your organization and the attack surface your organization has. Generally speaking, unless you’re a company the size of Amazon, Google, or Microsoft, your team is likely understaffed, and it’s harder to manage your attack surface.
So, how do companies manage their risk during the holiday season, especially when they’re short staffed?
It comes down to something entirely non-technical – creating a culture revolving around cybersecurity and internet safety.
At the end of the day, it doesn’t matter how many vulnerabilities you patch, or how many endpoints you’re monitoring. If you have a poor cybersecurity culture, what you originally thought was a somewhat manageable attack surface will become even larger. When it comes to overall security culture, it’s important to remember that your weakest link is often your everyday user. Some security professionals will say, “Yeah, I know” or “Well, we send out monthly alerts,” but if you’re not constantly trying to develop a culture based around cybersecurity, it won’t matter how many times you patch your servers, or how many security team members you have, because something will always find its way in.
How do you combat this?
For starters, it’s important to gather as a team and discuss how you go about creating a culture of knowledgeable employees well before the holidays start. Because most security teams are short-changed, it’s going to have to fall to the users to ensure they’re doing everything in their power to help protect the company. As much as we might want to think it’s purely the IT security team that keeps the company from being neck deep in constant threats, it really comes down to the users; after all, there’s only so much a team can do before they’re stretched too thin.
Users are specifically targeted during this time of year by malicious campaigns that offer timely incentives to click on web links and open attachments. Research into known attacks shows adversaries using such topics as the danger of Christmas tree fires, delivery of gift cards, or just shipping notifications, as seen in the example below.
For all the information security training provided, a simple holiday greeting card opened by a user could be the start of a major attack.
It’s important to remember that, during the holidays, cyberattacks will surge, and most security teams will probably end up working more than 40 hours. However, in order to ensure every possible area is protected, we need to get in the habit of incorporating the everyday users into our security strategy. This will not only help create a stronger cybersecurity culture, but it will also help cover more bases, which, hopefully, puts your mind a little more at rest knowing your assets are safer than they were before.