The most wonderful time of the year - for scammers

The festive season is the perfect time for hackers to strike - so what can businesses do to defend themselves at Christmas?

Businesses are being issued a warning ahead of the festive holidays - with a huge surge in cyber hacks expected over the course of the coming weeks.

Cybercrime escalates significantly during the Christmas period, as hackers seize on the opportunity to strike organisations whilst many staff are away from work enjoying downtime.

Last Christmas alone, staff at The Guardian were locked out of the newspaper’s London office due to ransomware, whilst car retail giant Arnold Clark had to axe internet access to protect its customer data due to a breach on 23 December, leaving owners with a “mammoth task” to fix its systems.

With Christmas 2023 fast approaching, Threatlocker - a global organisation which assists in preventing and remediating the effects of cyber and ransomware attacks - has issued guidance around the importance of cybersecurity awareness at this time of year, and why firms need to act now to prevent a breach at the worst possible moment.

Michael Jenkins, CTO at ThreatLocker, says the best way for organisations to defend against cyberattacks during the festive period is through a multifaceted approach of raising workforce awareness, training, software assessment, Zero Trust controls, and endpoint protection.

Get staff prepared

Many breaches can be attributed to human error - with staff falling victim to social engineering attacks like phishing where hackers trick people into opening malicious links or files, opening the door for cyber threats like ransomware.

During this time where corporate gifting is extremely popular, all users need to do is click a bad link. This can be disguised as gift cards or Christmas discounts that arrive in their mailbox - and mistakenly bring down the whole network.

Jenkins says: “Cybercriminals are always trying to get into businesses, but we often see a particularly aggressive push around Christmas time.

“This is because there are fewer people at work, with fewer eyes on security systems. In some instances, systems may be left in the hands of people who don’t have expert knowledge of cybersecurity to handle an attack, so it’s the perfect time for hackers to strike.

“It’s absolutely essential to raise awareness of this among the workforce so they think twice about clicking anything that comes through to their inboxes that could ultimately cause significant damage.”

Train up the workforce 

Outside of phishing, a massive threat to organisations is having a workforce which is untrained in cybersecurity practices being left to man the ship alone.

Putting these people in charge of an organisation's infrastructure during Christmas while senior staff take time off means they won’t have the tools or capabilities to handle a breach if it occurs - which is why training must begin as soon as new faces come through the door at any company.

Jenkins says: “All new employees need to be trained in cybersecurity and phishing awareness from the moment they join and should take part in an annual refresher.

“It’s also vital to assess threats at regular intervals using scanning and patching software – whilst deploying added protection during holiday periods when the system is under limited supervision.”

Software updates and threat assessments

Companies must continually assess possible threats in their systems, including scanning and patching software all year round - but particularly before shutting down for Christmas.

Updating software ensures the removal of bugs and prevents systems from crashing - but it also provides essential antivirus updates.

Jenkins says: “Taking care of as many of these risks and deploying patches as available will assist in securing your organisation, protecting it from exploits, while under limited supervision during the holidays.”

Employ Zero Trust

It is also imperative to implement a strategy moving forward that actively prevents any software - harmless as it may appear - from running when it does not need to. This approach in the industry is known as “Zero Trust”.

One of the key benefits of the Zero Trust model is its ability to help organisations manage the risks associated with third-party vendors, ensuring they only have access to the resources they need to perform their tasks and are continuously monitored and logged.

Jenkins states: “Companies must implement a strategy that limits access to data stores and applications – restricting user access levels, admin rights, and enforcing application control – and use a solution that acts as a firewall at the endpoint level.

“This can block applications from communicating with others unless specifically allowed – preventing malicious software from sharing code or scripted instructions from spreading.

“Christmas is a great time for hackers because so many people can leave their doors unguarded or unlocked entirely. All they need is an inch and they get in. Don’t let that happen to you this year.”