This holiday season will be like no other with the continued use of remote work, greater online sales, third-party sourcing from across the globe, and employees taking much-needed time off. Cyber criminals will take advantage of these seasonal distractions to steal sensitive data, hold it for ransom, or use you as a stepping-stone to more lucrative victims. Hackers often strike when businesses let their guard down, gaining access to networks but lying low to strike later. Once centered on key shopping days like Black Friday and Cyber Monday, cyber attacks are now extending across all of November and December and into the new year, making comprehensive vigilance and 24/7 visibility even more challenging. It’s time to fight back against cyber criminals with defense-in-depth resiliency for proactive protection at this crucial time of year.

Here’s a list of holiday season threats and best practices to defend against them:

  • Step Up Vigilance During the Holidays. Knowing that businesses will be short-staffed or even preoccupied at the end of the year, cyber criminals intentionally target businesses in Q4. As a first step, keep systems patched and remind employees about cybersecurity risks like phishing and preventative measures. Look for suspicious behavior such as access from countries where you don’t have any operations or customers.

  • Protect Data in POS Environments. Point-of-Sale (POS) devices enable consumers to complete purchases and transactions safely. These devices access critical infrastructure and assets as well as communicate with payment processors and banks. POS threats can include file-less attacks, ransomware, zero-day attacks, and skimmers placed physically on devices. Use PCI DSS compliance standards as the starting point to identify POS risks and best practices. However, it is critical to realize compliance alone is not enough for adequate security.

  • Don’t Overlook Work-from-Home Security. Your customers will continue to encounter more cybersecurity vulnerabilities as laptops remain outside the IT perimeter of headquarters. Employees may use work devices for online shopping or charity donations during the holidays, or conversely, use less-protected personal laptops for work tasks. Layered defenses can help you stay current on remote work threats to rapidly mitigate persistent and well-funded adversaries.

  • Boost Endpoint Security. With over 70% of threats starting on network endpoints like laptops and mobile devices, it’s clear that traditional endpoint security tools like anti-virus are insufficient. Endpoint Protection Platform (EPP) capabilities can block and even prevent threats in real time before damage occurs.

  • Use Multi-Factor Authentication (MFA). Increased authentication protection with Multi-Factor Authentication (MFA) is an easy way to strengthen your security posture. MFA provides an additional layer of security that can compensate for weak or easily-guessed passwords.

  • Limit Access to Data. Access to sensitive information should always be on a need-to-know basis. Today’s security platforms offer Role-Based Access Control (RBAC) that restricts users from viewing sensitive data outside their job functions. Remember to take proactive steps to automatically remove access when no longer needed.

  • Conduct Vulnerability Scanning. Think like a hacker and understand where your vulnerabilities lie. Managed vulnerability scanning identifies, prioritizes, and remediates security gaps before attackers find and monetize them. Many compliance regulations such as HIPAA and PCI DSS require vulnerability assessments.

  • Maintain Comprehensive Visibility and Monitoring. A crucial foundation for security teams, Security Information and Event Management (SIEM) begins with the collection, standardization, and storage of security event data, which it analyzes to offer real-time alerts. Examples of suspicious activity that a SIEM detects include excessive or failed logins, authentication attempts that bypass privileged access management, and unusual increases or decreases in traffic or geographies. Managed Threat Protection by Netsurion includes a SIEM managed by a 24/7 security operations center (SOC) purpose-built to the needs of mid-sized businesses.
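
Two of the signals named in the list above, access from countries where you have no operations and excessive failed logins, can be written as simple detection rules. The Python below is an added example, not part of the original article or of any Netsurion product; the log format, the country allow-list, and the thresholds are assumptions, and the sample events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events: ISO timestamp, account, source country, outcome.
SAMPLE_EVENTS = """\
2023-12-24T02:10:05 alice US success
2023-12-24T02:11:00 svc_pos US failure
2023-12-24T02:11:20 svc_pos US failure
2023-12-24T02:11:45 svc_pos US failure
2023-12-24T02:12:10 svc_pos US failure
2023-12-24T02:12:30 svc_pos US failure
2023-12-24T03:40:00 bob RO success
2023-12-24T09:00:00 carol CA failure
2023-12-24T15:00:00 carol CA failure
"""

EXPECTED_COUNTRIES = {"US", "CA"}  # assumption: where the business operates
MAX_FAILURES = 5                   # assumption: failures tolerated per window
WINDOW = timedelta(minutes=10)     # assumption: sliding window length

def parse(text):
    """Yield (timestamp, user, country, outcome); skip malformed lines."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        ts, user, country, outcome = parts
        yield datetime.fromisoformat(ts), user, country, outcome

def detect(text, expected=EXPECTED_COUNTRIES,
           max_failures=MAX_FAILURES, window=WINDOW):
    """Return alerts as (rule, user, country, timestamp) tuples."""
    alerts = []
    failures = defaultdict(deque)  # per-account timestamps of recent failures
    for ts, user, country, outcome in sorted(parse(text)):
        # Rule 1: a successful login from a country outside the allow-list.
        if outcome == "success" and country not in expected:
            alerts.append(("unexpected_geo", user, country, ts.isoformat()))
        # Rule 2: too many failed logins for one account inside the window.
        if outcome == "failure":
            recent = failures[user]
            recent.append(ts)
            while recent and ts - recent[0] > window:
                recent.popleft()  # drop failures older than the window
            if len(recent) >= max_failures:
                alerts.append(("failed_login_burst", user, country, ts.isoformat()))
                recent.clear()  # one alert per burst, not one per extra failure
    return alerts
```

Tune the allow-list and thresholds to your own baseline before the holiday period so that reduced staffing does not coincide with a flood of false positives.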

We’ve Made Your List. Now, Check It Twice!

’Tis the season to be wary of cyber crime, as hackers don’t just attack larger enterprises. Cyber criminals also use advanced persistent threats (APTs) to target MSPs and mid-sized businesses. Adversaries often target mid-sized businesses because they are supply chain partners of larger firms or may have security gaps that are easy to exploit. Hackers are continually reinventing their tactics, techniques, and procedures (TTPs) to catch you off guard and evade detection, so it’s important to stay on top of vulnerabilities and real-world attacks. And as you look towards the future, ensure cybersecurity is a year-round priority. Learn more about Netsurion and how our managed threat protection platform, EventTracker, helps you stay secure and maintain customer trust during this busy time of the year.