Nothing is sacred any more at least not in the corporate world. According to Fortinet, one of my clients in the security industry, over
Christmas and New Year, while employees are feeling at their most relaxed and
generous, enterprise security is at its most vulnerable.

During the Christmas
hiatus, internal lapses of security will lead to Christmas bonuses for
cybercriminals who are out to feed off the festive spirit. In line with
cybercriminal trends of the past 5 years, the criminals have already laid the
traps, so businesses need to be extra security vigilant as the holidays
approach and the rise in online crime puts business networks at increased risk.

Fortinet’s top things to be vigilant of this

  • Christmas Shopping
    • Watch for Rogue shopping sites
      advertised by spam campaigns and strong search engine optimisation when looking
      for “Christmas presents” and the like,  and  beware of legitimate sites that can be
      compromised and booby-trapped with malicious code.
  • Malware ‘Tricks’
    • Christmas related malware will be
      very common as authors trying to trick users into clicking malicious links to
      attachments related to the season. E-cards, Holiday
      sales, Festive fun  – If you don’t know what your are opening…don’t.
  • Working from Home this Christmas
    • Beware
      users who’ve taken their laptops home for extended periods over the Christmas
      hiatus and come back onto the network.  What nasties might be on
      there?  The desktop protection might also not be up to date, so additional
      pressure will be on your network security devices
  • R&R
    • With just a few days out of the
      office, employees become ‘download happy’ on personal computers over the
      Christmas break and more often than not bring this relaxed attitude to security
      back to the workplace. Beware that this complacency can provide increased
      avenues of attack.
  • Temporary staff
    • …are not just for Christmas. Well
      they are, but with access to passwords, and confidential information, if not
      managed properly can lead to a serious security breech. IT departments must
      ensure that temporary staff only have access to documents that are necessary
      and if passwords are granted they are changed after the holiday period.

For a Merry Christmas, organisations must ensure all
employees are made aware of the festive threats by communicating security
messages from the top down. If you’d like further information on the cyber
threat of Christmas, Fortinet’s expert Guillaume Lovet will be happy to provide
further information.

%d bloggers like this: