The ransomware unleashed on Munster Technological University (MTU) this month is the most recent example of a high-profile and damaging cyberattack to take place during a bank holiday. Whilst the hack came as a shock to the university – closing down campuses for several days – the timing of it should come as no surprise.
Cybercrime has a habit of escalating significantly during holiday periods, as hackers seize upon the chance to strike organisations whilst many staff are away from work enjoying downtime.
Some of the biggest institutions have fallen victim to cyber attacks during holiday periods – with Sony and Microsoft brought down on Christmas Eve 2014; Portuguese media giant Impresa breached on New Year’s Day 2022; and LaGuardia Airport’s systems being infiltrated last Halloween.
Rob Allen – the VP of Operations EMEA of ThreatLocker who assists organisations in preventing and remediating the effects of cyber and ransomware attacks – is now issuing a warning about vacation-timed attacks and the need to heighten cybersecurity awareness during public holidays.
“Cybercriminals are active throughout the calendar year, but bank holidays are when they are the most aggressive in pushing their malicious agendas,” Rob explains.
“Often, this is because there are fewer people working during this period, with fewer eyes on security systems.
“In some instances, systems may be left in the hands of people who don’t have expert knowledge of cybersecurity to handle an attack. But anyone who is casually checking their emails can fall victim to social engineering attacks like phishing – opening malicious links that infect the system.
“Holiday season is the perfect time for hackers to strike.”
Rob says the best way for organisations to defend against cyberattacks during the holiday periods – and all year round – is through a multi-faceted approach of training, software assessment, access control, and endpoint protection.
“All new employees need to be trained in cybersecurity and phishing awareness from the moment they join and should take part in an annual refresher,” Rob reiterates.
“It’s also vital to assess threats at regular intervals using scanning and patching software – whilst deploying added protection during holiday periods when the system is under limited supervision.
“Companies must implement a strategy that limits access to data stores and applications – restricting user access levels, admin rights, and privileged access – and use a solution that acts as a firewall at the endpoint level, in addition to the network firewall.
“This can block applications from communicating with others unless specifically allowed – preventing malicious software from sharing code or scripted instructions from spreading.”
See more stories here.