Holidays, the perfect time for hackers to carry out cyber attacks

The summer is coming to an end and, with it, a time of intensification of certain types of cyber threats. Cybercriminals have taken advantage of the holiday period to steal confidential information, hack into the internal networks of large organizations and even compromise SMEs. All of this through orchestrated campaigns aimed at exploiting various security breaches. According to the leading cybersecurity company in Europe, S21Sec, an entity of the Thales group, three out of ten companies suffer some kind of security incident during the holiday period, given the relaxation of security measures and the lack of personnel.

For all these reasons, the summer period is the perfect time for cybercriminals to design their strategies for information theft, performing increasingly sophisticated and personalized attacks, increasing the probability of success of their malicious conduct.
 

Which sectors were most affected during the summer?

Cyber-attacks against the business ecosystem have been directed, among others, against critical sectors such as telecommunications, tourism and public administration, causing a significant economic and operational impact as a result of the theft of confidential information and denial of services.

The techniques used to carry out these attacks have responded to a wide variety of modalities, including ransomware attacks, a type of malware that blocks and encrypts computer information by means of economic extortion, incursions into web applications and denial of service (DDoS) attacks, which seek to flood servers with high levels of web traffic, slowing down and even disabling the use of the system. In addition, other typologies that have been present and pose a growing challenge are social engineering attacks, such as phishing, via text messages (smishing) and phone calls (vishing).

There are many factors that have led to the rise in incidents targeting these sectors, including the overload of work in some of them, such as the tourism sector, given the high seasonal influx of tourists. The absence of cybersecurity solutions and policies is another reason why cybercriminals are attracted to these targets, putting data integrity at risk.
 

For example, most companies in the hospitality sector do not have adequate security measures in place, with only 2% having integrated security parameters to prevent this type of information leakage, such as data encryption, multi-factor authentication and advanced systems for detecting anomalous behavior in devices.

On the other hand, public administrations are one of the priority targets for cybercriminal groups, given the large amount of confidential information handled, especially city councils, which tend to have lower levels of protection. Contrary to the tourism industry, during the summer months the public sector experiences a substantial reduction of staff, making it an easy target for attacks.

As for the mobility sector, the high demand for transport services during holiday periods, driven by increased travel and promotions, makes it a potent attraction for cybercriminals, as these companies handle a large amount of sensitive data of millions of travelers.
 

How to improve cybersecurity during the holiday season

The intensification of cybercriminal activity during the summer months, as well as at other peak times of the year, requires organizations to implement a higher level of security to prevent threats from becoming entry points from which cybercriminals can expand their influence. Among some tips to employ to reduce risk, it is essential to implement preventative measures to avoid potential leaks of sensitive data

Implementing a cybersecurity strategy exclusively for the holiday season is a very useful preventive measure. In addition, it is essential to promote a corporate security culture that makes employees aware of cyber risks, providing them with tools to protect their devices against social engineering techniques. Cybersecurity training should not only be provided to a company's permanent employees, but also to those who are hired on a temporary basis.

To counter these threats, cybersecurity parameters are required to build a more protected environment with a higher level of robustness in cybersecurity measures. Therefore, it is necessary to invest in monitoring capabilities and services managed by Security Operations Services (SOC), keeping IT infrastructures secure from any possible interference. In addition, among other basic practices, it is recommended to periodically review updates in order to keep systems up to date.