Why do cybercriminals love weekends and holidays?

Everyone enjoys a long weekend or a public holiday, but these special occasions are also important in the cybercriminal’s calendar. Once a cyberattack gains access to a corporate network, it will have more time to propagate during the holidays because offices would be unoccupied, making it easier to go unnoticed. As we approach the Christmas season, Check Point Software Technologies Ltd sends a strong warning about the hazards of letting your cybersecurity guard down during your office downtime.

This isn’t a new trend. Following large-scale attacks in the United States this year, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) warned of the hazards. On July 4th, Independence Day, a huge cyberattack on Kaseya, an IT management software firm for MSPs, occurred, affecting 1,000 companies and identifying victims in at least 17 countries.

Over the Mother’s Day weekend, a devastating cyberattack on Colonial Pipeline, which delivers roughly 45 percent of the fuel on the US East Coast, was carried out. It was compelled to shut down its activities as a result of the ransomware attack in order to deal with the threat. JBS was compelled to pay the equivalent of $11 million in Bitcoins as a ransom to resolve a cyberattack on the Friday before Memorial Day weekend.

Companies typically operate with a skeleton workforce during vacation periods or over the weekend, with less workers on the watch for any form of crisis. In a variety of ways, this makes it easier for cybercriminals to operate. On the one hand, it allows ransomware to be fully deployed before anybody notices, while on the other hand, it increases panic during response operations, particularly if the victim’s IT teams are unavailable to respond. This, in turn, could increase the chances of a ransom demand being paid.

Tips for protecting a company from cyber-attacks

• Prevention strategy: In today’s world, having a proactive cybersecurity strategy to prevent data theft and cybersecurity issues is critical. These approaches, unlike a reactive strategy, are targeted at monitoring indicators of attack (IoA) and address all processes, technology, systems, and people, with a focus on preparing for an attack rather than waiting for one to occur.
• Zero Trust Strategy: According to the latest Threat Intelligence Report from Check Point Software, 84 percent of malicious files in the UAE were distributed by email. This is why security experts across the industry are adopting a zero-trust security mindset: no device, person, workflow, or system should be trusted by default, regardless of where it works, whether inside or outside the security perimeter. Using these concepts, a “Deny by Default” security posture can be adopted, in which systems are hardened and isolated until a level of confidence is achieved, providing the highest level of protection.
• Protect mobile devices: When developing a cybersecurity plan, one of the most important factors to consider is data mobility. There is a multi-device situation in the current paradigm, in which most firms have adopted hybrid working. Many do not have the required security measures in place. Cybercriminals are increasingly targeting these firms, and it is critical to equip all equipment with defensive measures against any hack. Check Point Harmony Mobile protects organisations against any sort of mobile device attack by providing real-time threat intelligence and visibility into attacks that potentially harm them.
• Cybersecurity training: Too often, an employee’s email or device is one of the key entry points for a cyberattack, which is why this is one of the weakest links in any company: a lack of training for its members. It is critical to train employees so that they can recognise and avoid such threats. It’s enough to send a social engineering message persuading the user to click on a malicious link. Education is frequently seen as one of the most effective defences available.