Nothing is sacred any more at least not in the corporate world. According to Fortinet, one of my clients in the security industry, over
Christmas and New Year, while employees are feeling at their most relaxed and
generous, enterprise security is at its most vulnerable.
During the Christmas
hiatus, internal lapses of security will lead to Christmas bonuses for
cybercriminals who are out to feed off the festive spirit. In line with
cybercriminal trends of the past 5 years, the criminals have already laid the
traps, so businesses need to be extra security vigilant as the holidays
approach and the rise in online crime puts business networks at increased risk.
Fortinet’s top things to be vigilant of this
Christmas:
- Christmas Shopping
- Watch for Rogue shopping sites
advertised by spam campaigns and strong search engine optimisation when looking
for “Christmas presents” and the like, and beware of legitimate sites that can be
compromised and booby-trapped with malicious code.
- Watch for Rogue shopping sites
- Malware ‘Tricks’
- Christmas related malware will be
very common as authors trying to trick users into clicking malicious links to
attachments related to the season. E-cards, Holiday
sales, Festive fun – If you don’t know what your are opening…don’t.
- Christmas related malware will be
- Working from Home this Christmas
- Beware
users who’ve taken their laptops home for extended periods over the Christmas
hiatus and come back onto the network. What nasties might be on
there? The desktop protection might also not be up to date, so additional
pressure will be on your network security devices
- Beware
- R&R
- With just a few days out of the
office, employees become ‘download happy’ on personal computers over the
Christmas break and more often than not bring this relaxed attitude to security
back to the workplace. Beware that this complacency can provide increased
avenues of attack.
- With just a few days out of the
- Temporary staff
- …are not just for Christmas. Well
they are, but with access to passwords, and confidential information, if not
managed properly can lead to a serious security breech. IT departments must
ensure that temporary staff only have access to documents that are necessary
and if passwords are granted they are changed after the holiday period.
- …are not just for Christmas. Well
For a Merry Christmas, organisations must ensure all
employees are made aware of the festive threats by communicating security
messages from the top down. If you’d like further information on the cyber
threat of Christmas, Fortinet’s expert Guillaume Lovet will be happy to provide
further information.