WITH the holiday season just around the corner, businesses across Northern Ireland are no doubt preparing for some well-deserved down time. However, what is commonly known as the most wonderful time of the year can also be the most vulnerable.
Recent research by UK-based cyber security firm Darktrace has revealed that cyber crime is at its most rife during the holiday season, with a 30% increase in data-based cyber attacks being reported during the month of December alone.
Makes sense really when many companies will be operating a skeleton staff or taking time off altogether, therefore leaving IT systems unmanned and unmonitored, and ripe for infiltration by saavy cyber criminals.
Closed offices and reduced workforces also mean response times to any online breaches will be significantly slower, allowing perpetrators longer to inflict maximum damage and disruption to business operations.
Despite plenty of high-profile and well-documented cyber attacks throughout 2023, including the UK Electoral Commission’s data breach exposing 40 million people, and the LockBit Ransomware-as-a-Service (RaaS) attack on a Royal Mail distribution centre right here in Northern Ireland which caused delivery chaos on an international scale, approximately 60% of SMEs across the UK still lack any security policy and 87% are not insured against online breaches.
I’m all for being generous in the season of giving, but that is one hell of a gift to the cyber crime community.
No one sector is safe or exempt from a cyber attack at any time let alone Christmas, but it will be unsurprising to read that retailers and e-commerce businesses are particularly vulnerable and most targeted at this time of year.
Official b4b Group partner Fortinet reports that almost a quarter (24%) of all cyber attacks are levied against retailers, with the most common forms including:
- Formjacking - whereby hackers implant malicious code into payment forms to steal customers' sensitive data
- E-skimming – when attackers compromise e-commerce websites to steal customers’ payment card information
- DDoS (Denial of Service) – attacks which make machines, systems, or networks unavailable to its intended users by temporarily or indefinitely disrupting services and traffic
- Ransomware - a type of crypto-virological malware that permanently blocks access to the victim's personal data unless a ransom is paid
Whilst businesses can mitigate the risks of ‘unwanted gifts’ by implementing some quick fixes such as updating passwords, enabling two factor authentication (2FA), and installing firewalls, what should really be top of every organisation’s Christmas list this year is a robust and comprehensive cyber security strategy.
From Cyber Essentials certification and cloud back up to next generation firewalls and endpoint security, b4b Group can provide a plethora of managed IT services that will lead cyber criminals on a ‘merry’ dance not just for the holiday period but the rest of the year through too.
Make slack IT protocols a thing of Christmas past and consider giving yourself the gift of cyber security in 2024. It doesn’t have to break the bank and we guarantee you won’t spend your money on anything better!
:: David Armstrong is chief executive of b4b Group