Ecommerce, logistics and public transport, among the sectors most affected by cyber attackers during the Christmas weeks

The weeks leading up to Christmas are always times when the volume of purchases -especially online ones- increases considerably. In this context, and as can be seen from McAfee’s cybersecurity reports, during the holidays there are even a quarter of all digital scams committed during the year, a risk that the vast majority of organizations are unaware of. In addition, as a fact to highlight, it stands out that 75% of cyberattacks occur at night, on weekends or during the holiday seasonmoments in which companies are not active.

The risks during the holiday season only increase and attackers will not hesitate to use techniques that have already proven their effectiveness: phishing campaigns, BEC (Business E-mail Compromission) attacks, etc. They are used to access organizational systems. Specifically, the FBI estimates that This year’s losses from cyberattacks will be more than $50 million.

Reaction time is crucial in the event of an attack, as warned by cybersecurity experts from Tehtris. For this reason, the company has developed a brief guide with warnings and safety recommendations for internet companies and shoppers to increase their protection during the holidays.

What are the risks during the holiday season?

Security teams are often understaffed during the holiday period, a situation that the attacker can use to his advantage as surveillance is reduced and he can use simpler techniques to carry out his plan. The cybercriminal redoubles his efforts to execute social engineering campaigns impersonating big brands through fake offers and gift cards, online surveys, or spear phishing.

Similarly, one must take into account the danger posed by malicious attacks specifically designed to steal data during the holiday season, as are the Grinchbots. These speculative bots have traditionally hijacked high-demand, limited-quantity products to deplete inventories and create shortages. Now, these bots are also dedicated to stealing gift card balances, explore competitor data, collect personal and financial data or directly to insert malicious links and commit fraud.

Who are the attacks directed at?

According to TEHTRIS cybersecurity experts, this year the most vulnerable devices in the face of online fraud, scams of phishingmalicious websites and the malware will again be those related to the consumer electronics, game consoles and mobile technologies. With regard to companies and sectors of activity, e-commerce (perfume, clothing, toys…) are the first victims of the cyber attackers, whose goal is to gain access to your data, networks, applications and infrastructure. Also, as shown above, famous brand companies are the main targets.

Another sector that hackers love is the logistics industry. Thus, one of the most common scams is the one that is perpetrated through SMS monitoring of online purchases that consumers receive and end up leading them to dangerous sites. By last, public transport it is also affected to a greater extent by the increased risk associated with increased travel during the holidays.

6 tips to anticipate cyber attacks at Christmas

Christmas cyber attacks are increasing in intensity, number and complexity. The ingenuity of the attackers is a fact and for organizations it is no longer enough to remain vigilant; they must strengthen their resilience, ensure they have enough staff, both qualified and aware of cyber risks, and implement well-defined processes as well as proven and necessary technologies.

behold the six tips from the TEHTRIS experts for organizations to anticipate and be protected to respond to an attack as soon as possible:

  1. Verify that business continuity planning is prepared and known by all teams.
  2. Make sure you have enough qualified staff, aware of cyber risks, during this specific period.
  3. Guarantee an optimal level of detection through the use of technologies capable of compensating the human being.
  4. Apply the method of zero trustpatch management, continuously monitor vulnerabilities, as well as potential enemies to know their behavior and TTP (technical tactics and procedures).
  5. Automate the level of response in case of deviation or behavioral incident.
  6. Be prepared in case of crisis. Resilience goes through preparation and being prepared to face a cyber crisis. It is essential to prepare all the questions and have the answers.

Related News

Leave A Reply

Please enter your comment!
Please enter your name here