How to defend against cyber attacks this holiday season

How to defend against cyber attacks this holiday season

This month really is the most wonderful time of the year...for hackers, at least. Although the holidays are a profitable season for businesses, they’re also the perfect time for hackers to gift their targets with an abundance of malware and phishing scams. Using the festive mood of the season to their advantage, external attackers are more likely to be successful, but that doesn’t mean you’re powerless to defend against them. With a combination of the security habits advice from our previous post, and the following tips, you’ll weather even the strongest of attacks this season.

Beware of holiday deals

By now, you’ve probably noticed the sudden surge of holiday-themed commercials, pop-ups, and promotions inundating your inbox and social media newsfeeds. With all the great deals being offered on a silver platter, you're tempted to go ahead and click without thinking twice. In fact, cyber security provider McAfee stated, “49% of US consumers open holiday-themed emails.”

What’s alarming about this is that email, pop-ups, and social media have become one of the most successful deliveries for phishing attacks. Scammers will usually send emails as special bargain prices, free gift cards, or “difficulties with your order” alerts to steal sensitive information from you and your employees.

To avoid a less-than-merry holiday season, practice caution with the holiday deals, links, attachments, pop-ups ads, and websites you encounter. Develop a habit of deleting suspicious messages that ask you to download unknown software or take a quick survey to win free items. Shop on websites that belong to reliable retailers, and keep track of receipts to avoid being duped by holiday hackers.

Freeze IT projects

With employees being out more often during the holidays, office parties happening left and right, and everyone rushing to meet end-of-the-year deadlines, many businesses find that the winter holiday season is the most chaotic time of year. And with a skeleton crew of employees in the office come New Year’s, it’s impossible to deploy new technologies and expect all staff members to learn the new system.

What’s more, starting a big project with limited in-house IT staff is more likely to cause technical errors that could become future security vulnerabilities.

Our advice: don’t implement drastic software and infrastructure changes in the last week of December -- deploy them after the holiday season when your company is at a hundred percent. That said, do make sure your existing technologies are running smoothly. Partner with a trusted third-party IT support provider to maintain your IT infrastructure and address critical security patches. Use the time you have now to plan improvements -- like disaster recovery plans, cloud migrations, and virtualization deployments -- for next year.

Out with the old, in with the new

With the end of the year quickly approaching, now is a good time to replace passwords. Using password management software -- like 1Password -- will help you set unique passwords for hundreds of web services. But regardless of whether or not you use this system, it’s a good idea to keep hackers guessing by setting passwords stronger than the one you’ve used all year. That means your new password probably shouldn’t be “hohoho1234.” Instead, make it 12 characters or longer, and include a combination of numbers, symbols, and uppercase and lowercase letters.

Cyber security basics like antivirus software, intrusion prevention systems, firewalls, and encryption are often an afterthought for companies that lack enterprise-level IT support. Prevent hackers from peering inside your operations by making sure your network uses adequate security systems. Avoid broadcasting your WiFi network with WPA protocols, install anti-malware software onto workstations and mobile devices, and deploy URL filtering to block high-risk websites.

Plenty of hackers don’t take holiday breaks, and your cybersecurity systems shouldn’t either. But rather than subjecting your employees to strenuous IT administration, hire an IT support provider to protect your systems for you. At IntelligISTM, we offer 24/7/365 maintenance and network security services. Take that well-deserved vacation while we help secure your business -- visit us at www.intelligis.com today.