Cyber Security News

Why Cybercriminals Love Christmas Too

For most of us, the holiday season is the perfect time to be with family and friends, hang out at the beach, and overindulge in some yummy food.

What’s not to love?

But cybercriminals also love Christmas.


Because it’s the perfect time for them to attack.

Think about it.

The reason cyber attacks surge between Christmas and the New Year is that businesses and, people, in general, have their guards down.

Cybercriminals know that companies are operating with fewer staff and are ‘less responsive’ during the festive season.

It’s almost the perfect storm of circumstances which is great news for the malicious actors who look to exploit any increased vulnerabilities.

But there is good news as there are some simple steps you can take to protect your people, your profits, and your reputation this holiday season.

Let’s be clear about the problem and then we'll dive into what you can do about it…

How Much Do Cyber Attacks Increase Over Christmas?

In recent years, cyber thieves have increasingly relied on ransomware attacks as their weapon of choice during the festive period.

Not unlike in a Hollywood movie when a person is taken hostage and money is demanded for their release, a ransomware attack uses the same methodology.

Ransomware is a type of malware that locks or encrypts your work or personal files, so you can no longer access them.

So instead of a person being taken, it's your 'data' that becomes the hostage.

And to get the decryption key (so you can access your data again), the cybercriminals ask for money, usually in the form of cryptocurrency.

Uk-based researchers
have observed that there is a 30% increase in the average number of ransomware attacks during the holiday period. This is a global statistic that very much includes Australia.

It is no wonder, then, that the Australian Cyber Security Centre is issuing warnings to urge businesses and individuals to be vigilant.

How Do Holidays Expose You to More Risk?

A ransomware attack can occur when a company's network is breached and cybercriminals can access sensitive and important information.

You’ve probably heard of phishing attacks.

This is when a cybercriminal tricks you into giving them your private or sensitive information, such as user names, banking logins, passwords, credit card details…

Cybercriminals exploit these pieces of sensitive information to launch attacks. The results of a successful phishing attack can include identity theft or the loss of information and/or money.

Of course, over the festive period our inboxes and SMS’ get smashed with ‘Merry Christmas’ messages and amazing discount opportunities.

And imagine when a co-worker or employee falls victim to a phishing attack.

The entire company network can become compromised, along with everyone else in it.

A successful phishing attack, such as obtaining login details, can lead to your company network becoming compromised.

This is great news for cybercriminals as it can pave the way for a ransomware attack.

And as we've already discussed, a well-executed ransomware attack can render your company helpless.

And even if you decide to pay the ransom, there is no guarantee that these cyber thieves will actually return your data to you.

Even if they do, it can often take weeks or longer to return to normal business operations.

And there is the bad PR that comes with it…

Your company's reputation can be hit hard after these attacks.

Statistically, 30% of customers will take their business elsewhere citing ‘lack of trust’ as the reason.

How to Stay Safe This Holiday Season

Knowing that the festive period is prime time for cybercriminals means that you have an advantage over most business owners and managers.

We’ve put together the following checklist that will help you stay safe and sleep better over the festive period.

12 Tips For a Happy (cybercrime-free) Christmas

  1. Turn off devices that are not needed or are not being used

  2. Unplug the WiFi

  3. Shutdown servers

  4. Change your passwords (including your home WiFi)

  5. Be vigilant when checking emails

  6. Update your machines and devices (software and firmware)

  7. Stay in touch with the news (every other day)

  8. Disable your VPN (if you’re not using it)

  9. Use MFA/2FA

  10. Be vigilant when online shopping (avoid clicking on ads)

  11. Make sure your data is backed up

  12. Tell your staff you will not be making any sort of demands during the holidays (if in doubt, ask)

Want to dive into each of the 12 tips a little deeper?

We've created a handy resource for you HERE.

Why not share these with your staff or include them in your next team meeting?

And whilst there are no guarantees that you still won't become a victim of cybercrime, by following the 12 tips above you'll dramatically reduce your risk profile.

You'll also sleep better knowing that you've made yourself (and your family) a less likely target.

We provide cyber security concierge services because we understand that at some stage almost every business on the planet will become the victim of cybercrime and we don't want yours to be one of them.

If you need any support with your IT systems or security, the team at Cyber Heroes is on hand to offer advice.

Listen to this bonus episode on the Cyber Heroes Podcast:

Listen on Spotify

Listen on Apple

Listen on Google

Listen on Anchor