The Hacker Who Stole Christmas: What Security Threats Should You Be Looking Out For This Holiday

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://www.finextra.com/blogs/fullblog.aspx?blogid=11933

Tis the season to be jolly, and with big retail events like Black Friday
and Cyber Monday, the Christmas season is also becoming an increasingly
online experience. This also means there are a host of seasonal hackers
looking to take advantage of others’ goodwill over the coming months. As we
start doing more and more shopping online, often letting our guards down in
terms of cyber security, we could be opening ourselves up to whole host of
new threats.

However, it’s not just the Christmas shoppers who are susceptible to cyber
threats at this time of year. Businesses can also experience new levels of
security threats as employees begin to enter into the festive season. So
what should we be looking out for during the upcoming holidays and beyond?

Festive spirit

During the Christmas period, festive spirits are running high and some
employees’ judgement around data protection may be slightly more lax than
usual. Companies can therefore be at higher risk of data breaches as
employees start saving copyrighted material or downloading infected
material onto their network. With administrators or IT security staff
beginning to take holiday leave, security processes are likely to drop
without those around responsible for enforcing it.

Driving home for Christmas

During the Christmas holidays, businesses are more likely to suffer attacks
as everyone prepares to vacate the office for a prolonged period. Often
only a few administrators will be left behind to cope with a large work
load, and systems must be in place to automatically monitor the network
situation and alert administrators when things go wrong. During the holiday
season it is essential that such tools support notifications not only
through email system but also through mobile technologies such as SMS. This
is crucial as people tend to check their emails much less during this time
of the year due to busy social schedules.

Viruses and malware are more likely to be on the rise during the holiday
period as hackers also have more free time. Therefore it’s important to
ensure anti-virus software continues to run over the break, scanning the
network and updating the system with the latest virus definition files.

Deck the halls

As companies shut down for the Christmas period, IT professionals also need
to consider which non-essential services should be shut down as well.
Wireless technology, for example, gives hackers direct access to the
internal network infrastructure without having to physically break into the
building itself and if left unattended can pose quite the security risk. It
allows savvy hackers to break into the system, breaking weak passwords and
gaining access to the operating environments.

Additionally any service or server which is not required during the
Christmas shutdown should also be disabled. This will ensure that in the
event of a cyber attack, hackers will have the minimum number of attack
vectors available to them.

Secret Santa

If it’s vital that some particular computers or servers remain in operation
over the Christmas holidays, businesses must ensure these have strong
access controls and safeguards. Remember, hackers are also likely on
holiday at the same time and have even more time on their hands to perform
targeted attacks.

Attackers will presume that IT security will be more lax than usual as
administrators also go on holiday, and may look to take advantage of this
to run aggressive attacks which may not be detected or acted upon until
after the next year – leaving plenty of time to cover their tracks and
infiltrate sensitive systems.

Beware the Grinch

Unfortunately it’s not only outside hackers you need to be wary of over the
Christmas holidays. Insiders with bad intentions are also likely to take
advantage of the quiet season, to try to access restricted information in
the knowledge that they’re less likely to be caught stealing. Therefore, it
is vital to ensure any important servers which have sensitive information
are physically secure. Administrators should ensure server rooms are
securely locked before leaving for holidays, and the same goes for network
switches, wireless equipment and any other device which might provide an
entry point to secure networks.

New Year Housekeeping

For businesses that can sit back over the long festive holiday, this could
be an opportunity to take stock of identity and access strengths and
weaknesses.  Most enterprises will have seen many staff changes over a year
and for some Christmas may have been a seasonal peak for temporary
workers.  Keeping track of these moves and changes within an organisation
can be challenging when there are other priorities. An in-depth analysis of
access rights and privileges done during the break (or any time) can reveal
non-terminated accounts for ex-employees that could pose a risk.
Identifying these and agreeing to a regime of regular access risk
assessment should help make 2016 a year when the damage from security
threats are mitigated not multiplied.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!