When there is cheer and joy at work and home, individuals are often quite vulnerable to external influence. During December many individuals, and the businesses they work for or represent, are more susceptible to a cyber-attack.
There is a mixture of reasons why, but primarily it is because individuals are on holiday, there are breaks in communication between stakeholders and buyers, and perhaps people are a little too busy preparing for events to notice that something is amiss. A perfect storm for Christmas Hackers to take advantage of.
When people are tired or under the influence of alcohol (or drunk on the mood), their response to indicators of attack is much reduced. This also applies to issues such as driving, where a very tired person is as dangerous as a drink driver and is likely to cause as much harm. Many major cyber-attacks are launched on public holidays with intimate knowledge of when people are more vulnerable.
How does a Security Operations Centre (SOC) protect you from cyber-criminals and Christmas hackers who take advantage of the above?
- Firstly, a SOC is often a global endeavour or one which encompasses several different sites – to ensure there is no single point of failure which prevents effective protection.
- Secondly, a SOC will often use automation and more advanced technologies such as Endpoint Detection and Response solutions to be proactive – preventing cyber-attacks from affecting end-users in a firm.
- Thirdly, a SOC will be able to share information across the globe to identify new threats which are being discovered. This in turn means that if a company in Asia has suffered an attack by Christmas hackers taking advantage of the festive season, your company in Europe has more than half a day to prevent it from happening here. And vice versa.
Christmas Hackers will often use social-engineering to extract money from your business, such as gift-card scams. These can easily add up over many thousands of people, so be careful to avoid falling victim to sudden requests for money.
Never be afraid to pick up the phone and call a colleague if you need to clarify their position – ideally using contact details not provided to you within the communication you are suspicious of.
Is Endpoint Security Enough?
Endpoint Security is a complex topic because ultimately it touches every device that your business uses to function – including the personal devices of staff. It is however the case that some security incidents require action by an administrator – even if it is simply turning off a device because it has been infected.
Endpoint Security solutions such as Panda Adaptive Defense 360 do offer Threat Hunting as part and parcel but will always presume the presence of local expertise in order to help resolve any issues. This can become awkward during any holiday season but especially during Christmas.
The availability of local expertise during festive seasons is understandably low. In fact, it may even be the case that no local experts are available to respond to an incident in time to avoid damage. This is because an incident can do damage quickly, typically within 15 to 30 minutes.
For example, our SOC has a response-time of at most 15 minutes – often less. This prevents Christmas Hackers from actually infiltrating your business systems, acting in a preventative way rather than having you wait for visible harm to come before you realize something is wrong. Such harm naturally costs a lot of money to fix as well.
Stay safe during the festive season – and remember to leave a present of a SOC that leaves you in comfort and with peace of mind that there will be no downtime.