With the holiday season in full swing, MSP employees and their clients are gearing up for parties, travel, shopping and well-deserved time off. Unfortunately, they’re not the only ones gearing up. Hackers are heading into a busy season themselves, and like a pack of sneaky, avaricious elves, they are preparing for their annual upswing of cyberattacks.
From Thanksgiving to New Year’s Day, companies are particularly vulnerable to attack. This is because many employees (including security personnel) are on vacation, preparing for vacation, or perhaps a little mentally checked-out by holiday planning or just general end-of-year weariness.
The need for vacation-related security vigilance is not just a winter phenomenon. Popular vacation times almost always see an increase in cyberattacks. For example, according to a recent threat insight from Barracuda’s advanced XDR platform and 24/7 Security Operations Center, in 2022, the number of threat alarms spiked at 1.4 million in January (just as the holiday season was ending), then fell by more than 70 percent shortly afterward. A second spike of 1.4 million alarms happened again in June, followed by a gradual decline through the summer as the vacation season ended.
There was also a significant difference in the number of alarms resulting in a customer security alert after analysis, and the likelihood of staff being on vacation played a role. For example, the post-holiday period in January had a customer security alert/threat alarm rate of 1-in-80. In June, though, that figure rose to 1-in-5. Clearly, criminals are targeting periods when cybersecurity teams may be understaffed.
Holiday MSP Cybersecurity Best Practices
What can MSPs and their clients do to help shore up their defenses at the end of the year? Here are some best practices to help protect against the coming onslaught of threat activity:
- Organize pre-vacation security planning. MSPs, their clients and their human resource departments should work together to map out upcoming vacations and provide those employees with a pre-vacation security checklist. That should include basics like logging out of devices and applications, backing up their work, and ensuring their patches and antivirus software are up to date.
- Provide reminders to clients and their employees. Keep them updated about current threats, strategies for protecting their credentials, tell-tale signs of phishing emails and safe ways to shop online. Unfortunately, there is not much time for a formal training refresher during the holidays. Still, some well-timed bulletins and discussions can help staff avoid falling for common phishing scams and remind them to continue practicing good cyber hygiene.
- Encourage a pre-holiday password update for your clients (and internally). This is a fast, easy way to add a layer of security when the risk of credential theft and business email compromise is high. Of course, password changes should be happening on a regular schedule anyway, but having everyone update their credentials at end of year can help deter attacks using credentials that may have already been compromised.
- Test backup to ensure critical data is easily accessible. While backup testing is part of the regular maintenance process, scheduling a holistic test prior to pre-vacation time can give MSPs and their client peace of mind during their vacation.
- Schedule a pre-holiday round of backups, patches and software updates for clients. This helps ensure systems are up to date before your client IT teams and staff head out for their R&R.
- Encourage the use of multifactor authentication (MFA) across applications. Using MFA can help protect against several types of attacks. Even if credentials are compromised, MFA provides a valuable second layer of protection.
- Revisit incident response plans and update contact information for key stakeholders and responders. For example, there will be attacks while people are on vacation, so all relevant staff members should know who is responsible for response activities while some of the team is unavailable. They should also have access to current contact information for those who may be out of the office in case of emergencies.
For MSPs, the holidays are a great time to remind clients about the value of robust security software, including email and endpoint protection, detection and response, and a 24/7 security operations center (SOC) that can identify and respond to attacks no matter when they occur.
With these tips in mind, MSPs and their clients can relax and enjoy time with their families and friends — while also keeping their businesses secure.
Photo: Rawpixel.com / Shutterstock