Date

Jan 19, 2023

Topic(s)

Security

Author(s)

Jason Albuquerque

To read this article and get more critically important news and information, check out our other security-focused posts and subscribe to Providence Business News on their website, www.pbn.com


With the holiday season upon us, I find myself, like many of you, spending nights on the couch wrapped in blankets, with my family in front of the fire watching classic holiday movies. I always seem to land on, “A Christmas Story.” One of my favorite scenes is when Ralphie is sitting at the kitchen table, and he begins to daydream about saving his family from that dreaded criminal Black Bart! The bad guys in their masks and black-and white-striped shirts begin to infiltrate the Parkers’ yard, from every angle. The family is hiding under the table and mom yells, “Save us Ralphie, I just knew those bad guys would be coming for us in the end!”

Much like Black Bart and his gang of robbers, during this time of year, cybercriminals significantly ramp up their efforts. While a constant focus to protect your organization from cyber risk is necessary, during the holidays it is especially important to stay attentive.

Every year the FBI and other law enforcement agencies issue warnings about rising attacks this time of year. There was a 30% reported increase last year in ransomware attacks during the holiday period. We also saw a 70% increase in attempted ransomware attacks. This is not a new trend. Every year we see a significant spike in cybercrime. As we know, cybercriminals are opportunistic. Why wouldn’t they want to take advantage of our employees during the time of year when they are the most distracted?

"There was a 30% reported increase last year in ransomware attacks during the holiday period."

Envision's COO Jason Albuquerque

This is also a time that we find staff using corporate systems more often than normal for personal use. The fast-paced nature of the holidays, and folks rushing to get the latest deals or last-minute gifts online gifts presents a tremendous amount of risk to your organization and opportunity for those cybercriminals. Especially now, during these inflationary times, the savings that discount codes offer may be very enticing. According to the 2022 Norton Cyber Safety Insights Report, one in three American adults admit to taking more risks when online shopping during the holiday season compared to other times of the year.

Small business owners must be more alert to cybercrime activity than ever. Accenture reported that 43% of online attacks target small and medium-size businesses. With that, only 14% felt prepared to defend against cyberattacks. This is staggering news since the National Cybersecurity Alliance states that about 60% of small businesses close within six months of a cyberattack.

By instituting basic cybersecurity measures and best practices, we can significantly reduce our risks from these holiday season cyberthreats.

First and foremost, employee awareness is crucial. Remind staff to keep security best practices in mind. Continuously reinforce the good habits of how to handle suspicious links, to never download attachments from unknown senders and to always stay clear of suspicious websites, calls, and text messages. Denying cybercriminals their most-often-used attacks is a critical step in mitigating their success.

We clearly live in a time when passwords alone are not sufficient protection. If your business has not embraced and mandated Multi-Factor Authentication for all of your users, you must change that immediately. MFA significantly decreases your risk. As modern businesses, we must assume first that unknown activity is nefarious, never implicitly trust and always verify the legitimacy of requests and unusual activity.

These basic precautions, along with the best practices that we discuss here each month in Cyber Sessions can be the difference between a successful defense or a breach.

Much like Black Bart said as he was foiled and running away, “OK Ralphie, you win this time, but we’ll be back,” cybercriminals are on the constant attack.

Our preparedness, focus, and ability to respond are what will allow us to be more resilient to these threats.