With a seemingly sudden rash of successful ransomware attacks in recent months, it didn’t surprise some cybersecurity experts warning about the next cyberattack event.
“When I first heard about the ransomware wave, I looked at the calendar and said `oh sure, not surprising,'” advises Russ Wilson, a cybersecurity expert based in San Antonio, Texas.
Cyberattacks that take place during recognized holiday days and periods have caught many companies by surprise, while their offices were either closed or their IT staffs were working at lower capacity. This makes it more difficult to quickly react to a cyberattack while giving hackers more time to do their damage.
“Imagine someone trying to rob a jewelry store on a weekday at Noon vs. 5 a.m. on a Sunday morning. Chances are the robbers will get away with much more on a Sunday morning vs. the middle of the day,” he adds.
It is not just holidays and weekends. Hackers who are casing a specific company or person, can scrape social media postings, piece together the calendar of a high-ranking executive or IT official, then time a cyberattack accordingly. If the company’s vice-president has hung a proverbial “Gone Fishin'” sign on their office door, the hacker knows it.
Cybercriminals never take a vacation
Attacking a specific person’s account could go unnoticed longer if that person is away from their computer. Or a hacker could execute a well-timed phishing attack for Friday afternoon, right before someone is going on vacation.
“Imagine planning your vacation to the Catskills and finding an email about your cabin confirmation or coupons to the `Best Water Park in the Catskills,” Wilson asks. “Something like that might be ignored most of the time, but when you’re amped up and ready to pack your bags on vacation, it might be enticing.”
The pandemic may have made those types of emails more effective, not less as people who aren’t in the office but who are working from home may be even more prone to falling for an email like that on the eve of vacation.
The pandemic may have made #phishing emails more effective, as people who are working from home are more prone to falling to a #cyberattack on the eve of vacation. #cybersecurity #WFH
Holidays present an opportunity for cybercriminals to do their dirty work, noted TechSolve, an Ohio-based non-profit, in a recent blog post:
“The holidays come with an elevated amount of email and financial activity, all conveniently while people are out of the office or traveling for the holidays. Inboxes become overloaded with holiday messaging and deals.”
So, what can be done to make the holidays less enticing, and is there anything MSPs can do about it? Wilson recommends a few extra steps to take.
Pre-weekend cybersecurity checklist
This one is easy to do, but it is also easy to forget. “MSPs are made up of humans, and they take vacations too,” Wilson points out.
Sometimes in haste to “get out of the office” (even if the office is home) for a holiday weekend or vacation, basic steps might get overlooked or put off.
“You know a patch needs to be applied and decide to put it off until after the long weekend. Bad idea,” he says. “It can come back to bite.” IT benches are stretched thin at companies and at MSPs, and no one can be expected to do it all.
“But you need a pre-holiday checklist, even if it is very basic, just to make sure something simple isn’t being overlooked,” Wilson advises. “MSPs cannot police everyone, but they can provide sound advice via memo and training.”
“Take a few minutes to monitor the social media accounts of top company executives. If you see that they are trumpeting their upcoming trip to Cancun, pull them aside,” he adds.
Enhanced 24/7 cyberattack monitoring
Many MSPs tout their 24/7 service, and automation can catch a lot, but if there is no one “on-call” to catch the catching, it is not really 24/7.
“I am old-fashioned, I think a human needs to be involved and monitor especially on holiday weekends and weekends in general or at 5 a.m. on weekdays,” Wilson says, adding that he knows this isn’t always feasible for budgetary and human resources.
But have someone not just on call but proactively monitoring client accounts during holiday weekends. It’d be worth paying someone a bonus to do that rather than experience the damage caused by a breach, Wilson advises.
#Cybersecurity best practices dictate that an #MSP should have someone “on call” AND proactively monitoring client accounts during holiday weekends to protect against #ransomware attacks
Enable backup against a cyberattack
Client data should be backed up as a matter of routine course. But before a holiday weekend, that is especially important.
“You don’t’ want to skimp on the fundamentals before a holiday,” Wilson says. If a cyberattack occurs, having viable, accessible, and recent backup is the best way to get back on track fast.
With Labor Day weekend and other holidays looming, keep in mind that you aren’t the only one planning a long weekend. Hackers likely are too. But while you are planning to be out of the office, they may be planning to be in your clients’ networks.
Photo: Sergii Sobolevskyi / Shutterstock