With Christmas fast approaching, enhancing your IT security may not be at the top of your to do list. However just because you’re taking a break, doesn’t mean cybercriminals are too.
Food to buy, presents to wrap, parties to attend, year-end figures to run… the list seems endless and relentless in the run-up to Christmas. While we’re all at our busiest or winding down for a well-earned break, cybercriminals are finding opportunities to ramp up their efforts and launch cyber-attacks.
With UK small businesses targeted with 65,000 attempted cyber-attacks every day, cybercriminals know how, where, and when to attack. Their goal is to catch businesses off-guard, so the Christmas holidays provide an opportune time to launch an assault.
Cybercriminals step up their efforts to gain access to networks when they know organisations are busy. Overworked or distracted staff are more likely to make mistakes. Whether using a company, public or private wi-fi network, sadly the threat of cyber scams is all around at Christmas.
The most common scheme used by cybercriminals at this time of year is malicious e-cards. With their time-saving and earth-friendly credentials, electronic greetings cards are becoming more and more popular. However, cybercriminals are taking advantage of these seemingly harmless messages of well-wishes, and using them as a means for delivering spyware and ransomware. Spot fake ecards by double-checking the sender’s address and never opening attachments.
It only takes one incorrect link to be clicked to compromise your data, so it’s important to heighten your awareness to protect your business over the Christmas period.
Take appropriate precautions to prepare for a secure Christmas break. We’ve outlined several key steps you can take to protect your organisation from exploitation. By implementing these measures, you can gain peace of mind you won’t become a victim of a holiday hack.
Have a recovery plan in place
Preparation provides the foundation of successful security. Write a cyber-security plan to combat the increased risk of cyber-attacks happening during December. Your plan will help you prepare, identify, respond to and recover from any security events.
This clear set of instructions will ensure all employees know what is expected of them should an incident arise. Perform a drill and practice your response to an attack before the company closes for the Christmas break. This will improve the effectiveness of your plan.
Reset all passwords and enable 2-factor authentication
One of the most significant threats to business, is the simple act of using weak, or easily guessed passwords. With the upsurge in remote working throughout December, and many businesses relying on cloud-based services, easily guessed passwords can lead to sensitive data becoming compromised. Ensure employees are using strong passwords, and 2FA where available to help prevent attackers from accessing important business accounts.
Patch and update your systems
Patches are software and operating system (OS) updates that address security vulnerabilities. Neglecting to patch your OS or software may leave you vulnerable to an attack. These updates offer a simple way to secure your systems.
Install the latest software patches before the Christmas holidays to protect your system from unnecessary vulnerabilities. Review your security settings on all devices and gain peace of mind you’re protected against the latest known threats
Educate Employees
December is an appropriate time to refresh your employees’ cybersecurity knowledge. You should re-educate them on the implications of an attack, refresh their knowledge of tactics such as phishing or malware and have them revise your processes on what to do if a mistake does occur.
Employees are more likely to fall victim to threats when they are working remotely, or simply in holiday mode. Encouraging a culture of vigilance and open communication is key, especially during the festive period.
Back-up, back-up, back-up
It may sound obvious, but many businesses assume they are immune from being targeted by cyber criminals. With a small business in the UK successfully hacked every 19 seconds, it would be naïve to think that backing-up your data is a futile exercise.
With cyber threats only on the increase, you should perform regular back-ups of your systems and data to enable quick restoration of business function should an incident occur. Offline backups are your best defence, as you can wipe any encrypted devices and restore them from your securely stored offline backup.
Summary
Christmas is be the season to be jolly, but it’s also the most important time of the year to remain vigilant of cybercrime. By proactively addressing your cyber-security, you can enjoy the Christmas break safe in the knowledge you have minimised exposure to potential risks and appropriately protected your employees, devices, and systems.
Although levels of cybercrime may increase during the holiday season, it’s important to remember that businesses can fall victim at any time of the year. Implementing an ongoing cyber-security strategy will help minimise your vulnerability. For more information, advice and support keeping your corporate network secure, get in touch with SupPortal today.