Holiday Hacking Season - Tips for a Carefree Holiday

According to a CBS News report, the US Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Agency (CISA) issued a joint advisory warning of an “increase in highly impactful ransomware attacks occurring on holidays and weekends in the United States.” Many offices are either closed or operating skeleton crews during that time.

In the UK and much of Europe, August is holiday time. Families head to the beach or to the mountains or other sites for relaxation and enrichment.


ARC IT estimates that 98% of UK businesses are operating online. The biggest cybercrime targets are businesses holding personal information and those whose staff use personal devices to connect to company resources. Here are some tips to help you enjoy a stress-free vacation.




Visualize

Does this scenario sound familiar? You are settling in a lounge chair with a good book at your favorite beach retreat. The kids are playing in the sand. The weather is perfect. In fact, you think, everything is perfect. Then, the familiar tone of your mobile phone breaks the serenity of the moment. You answer…


The rest of this story can go one of two ways:

  • Scene A is a junior IT associate at your business reaching out just to put your mind at ease and let you know that everything is fine at work, and all lights are green.

  • Scene B is the same junior IT associate in a panic. Someone in the company clicked on a phishing link and the main server has been frozen. Red lights are blinking all over the computer room. Our global network has effectively been shut down. We need you to get back to work and try to get our systems back online.


Planning Ahead for IT Safety

Don’t wait until you are on holiday to manage potential phishing or ransomware attacks. Don’t let cyber criminals ruin your holidays. Perform a #cybersecurity review in advance of planned time off:

  • Training of non-IT personnel - It is critical that all employees who have access to company computing resources fully understand how to spot potential malicious temptations in unsolicited emails. Offers of special discounts, new online games, and tracking of online order deliveries are all seeming innocuous messages with links to interesting sites. These are usually malicious software that will infect the network. Remember…“If you did not request it, do not click it.”

  • Off-line backup - Business-critical information should be regularly backed up to resources that can not be accessed online. This allows for a quicker recovery should the network and servers be compromised.

  • Have an IT disaster plan - If your business falls victim to a cyber-attack, having a mitigation plan in place will help speed business recovery. The plan should list the types of vulnerabilities, how you will respond to each, and who will be responsible for various mitigation tasks.

  • Complete visibility of all traffic - You can not protect against that which you can not see. It is impossible to blunt an attack that you do not see coming.


Connecting Monitoring and Security Tools

There are a wide variety of specialized security tools available to stop cyberattacks before they do damage to your infrastructure or steal proprietary information. The best mitigation strategy is to stop the attack before it is embedded in network systems. Firewalls, Intrusion Protection Systems and Data Loss Protection systems are all critical tools for a robust cyber security profile. These tools should be connected to all links and should be fed 100% complete and accurate traffic information all the time.


Connecting these tools via SPAN ports is a potential liability. These ports may be convenient and cheap because they are standard equipment on many switches. However, the security vulnerabilities of these ports include: