Unfortunately summer holidays are eagerly awaited by cybercriminals, not to sit, unwind and have a good time with their loved ones, but rather to target companies with the goal of maximizing their return on investment with a triple extortion.
Various studies, including those of the FBI, highlight a worrying increase, in the number and magnitude, of cyber attacks occurring on public holidays, weekends and during vacation time.
For its part, the CISA (Cybersecurity and Infrastructure Security Agency) reminds organizations to remain vigilant during the holidays, because “adversaries do not make the same holiday plans”.
The reason is obvious: Adversaries take advantage of periods when companies are less well equipped to protect themselves, due to lack of personnel or because of a relaxation in the vigilance of users.
Summer is also a time of increased remote access combined with possible ignorance when it comes to using public Wi-Fi.
At the same time, with some of the company's security personnel also on vacation, the detection and response time to threats tends to increase.
Many people who are away from work for long periods of time feel the pressure to check their emails while they are away. They are therefore tempted to use an unsecured Wi-Fi network to respond to emails or access corporate data and applications, thus putting the company at risk.
CISA recommends using a VPN when using public WiFi.
VPN services make it possible to work in cafes, hotels, airports or other public places, so you can take the security of a VPN with you wherever you go.
Today, with cloud services and remote desktop, it is possible to use any device to access corporate information.
However, extreme caution should be exercised when using a public computer. Hackers may have installed a keylogger or other malware to steal your usernames, passcodes and passwords.
The use of public devices should be limited exclusively to accessing public information that does not require any authentication.
And you should use your corporate device to log into your work session and use your personal device to make personal transactions.
With some of the security staff on vacation, it's a safe bet that incident response time will increase, putting the business at risk.
It is therefore essential to take measures to ensure adequate coverage by outsourcing part of the security services during the holidays of your team members.
If, like many of our clients, you lack the means, resources or expertise to counter threats, Present's Managed Security Services may be the winning solution.
Criminals take advantage of summer vacations to attempt to exploit businesses.
This makes the notion, although sometimes difficult for some, of completely disconnecting from work during the holidays all the more important.
It is less expensive, easier and less risky to protect yourself from attack proactively than to deal with the consequences of being insufficiently prepared. From this point of view, the holiday period is certainly more risky, but it has the effect of above all highlighting the need for a security approach adapted to current threats.