Kaseya, Colonial Pipeline and JBS are just a few examples of companies that have been the target of a cyber attack over a long weekend.
• And who does not like weekends and holidays? Cybercriminals are no exception, but they actually prefer to "work" during this time.
Everyone loves a long weekend and the holidays, but such dates can also be recorded in the calendars of cyber criminals. Once a cyber attack gains access to a corporate network during the holidays, it will have more time to spread, as offices are empty, making it easier for perpetrators to go unnoticed.
And now that we have reached this period Check Point Software Technologies Ltd. , ένας πάροχος λύσεων ασφάλειας στον κυβερνοχώρο, εξέδωσε μια αυστηρή προειδοποίηση σχετικά με τους κινδύνους που κρύβονται πίσω από το να μην δώσετε σημασία στην cyber security of your office during the holiday season.
The trend of attacks on weekends and holidays is not something new. The FBI and Cyber Security and Infrastructure Security (CISA) have already warned of the dangers following the large-scale attacks in the United States this year.
On July 4, Independence Day, Kaseya, a computer management software company for msps, came under massive attack that hit 1.000 companies, with victims located in at least 17 countries.
The catastrophic cyber attack on the Colonial Pipeline - which supplies about 45% of the fuel throughout the East Coast of the United States - took place on Mother's Day weekend. As a result of this ransomware attack, it was forced to suspend its activities to deal with the threat.
On the Friday before Memorial Day weekend, giant JBS was forced to pay the equivalent of $ 11 million in Bitcoins as ransom to repel a cyber attack.
During a vacation period or a weekend, companies often operate with a core team, consisting of a small number of staff on alert for any type of incident. This facilitates the operation of criminals in cyberspace in various ways.
On the one hand, it allows the full development of a ransomware before anyone notices it and on the other hand causes more panic during the response operations, especially if the victim's IT teams are not available to respond. This, in turn, could increase the chances of a ransom claim being paid.
"Long weekends create the perfect conditions for threatening factors to cause maximum damage. You have to take into account the fact that, at the moment, everything is "paralyzed", so once criminals gain access to the network, there is much more time to expand the attack and reach a large number of computers and their data. This is one of the reasons why it is necessary to have a good cyber security prevention strategy and not to wait until the damage is done before you face the problem ", explains Vassilis Nikolopoulos, head of the Security Engineering team of Check Point Software Technologies in Greece.
Tips for protecting a company from cyber attacks
• Prevention strategy: in this day and age, it is important to have a proactive cyber security strategy to prevent theft issues data and cyber security. Unlike a reactive strategy, these methods aim to monitor indicators of attack (IoA) and address all processes, technology, systems and people, with an emphasis on preparing for an attack, not waiting for it to happen.
• Zero trust strategy: in accordance with Threat Intelligence Report της Check Point Software , το 98% των κακόβουλων αρχείων στην Ελλάδα στάλθηκαν μέσω ηλεκτρονικού ταχυδρομείου. Αυτός είναι ο λόγος για τον οποίο, σε ολόκληρο τον κλάδο, οι επαγγελματίες ασφαλείας κινούνται σε μια νοοτροπία ασφάλειας μηδενικής εμπιστοσύνης: καμία συσκευή, χρήστης, ροή εργασίας ή σύστημα δεν πρέπει να θεωρείται αξιόπιστη από προchoice, regardless of the position from which it operates, whether inside or outside the security perimeter. Applying these principles allows for a “Denial by Default” security posture where systems are made more inaccessible and isolated until a level of trust is established that will bring the highest level of protection to a system.
• Mobile device protection: Data mobility is one of the key points to consider when developing a cyber security strategy. In today's example, in which hybrid work has been adopted in most companies, there is a situation of multiple devices with many not having the appropriate security measures. These operations become the focus of many malicious cybercrime campaigns and, therefore, it is important to equip all devices with safeguards against any cyber attack.
• Cyber training: very often one of the main entry points for a cyber attack is an employee's email or device, which is why it's one of the weakest links in any company: the lack of training for its members. It is of the utmost importance to train the members of the company, so that they are able to detect and avoid possible attacks. A social engineering message encouraging the user to click on a malicious link is enough. Training is often considered one of the most important defenses that can be developed.
