For many businesses, Christmas is a time for winding down and taking stock. For those in the business-to-consumer (B2C) sector, it can be one of the busiest times of the year. For anyone in the technology industry, though, it's a time to be on high alert: while your staff may be taking time off to be with family and friends, the ne'er-do-wells intent on fraud, theft, or simple misguided mischief won't be doing the same. For B2Cs it’s a frantic dash to Christmas Eve. For those in the tech industry it’s vigilance and high alert all round. While the cat’s away the mice will play, thieve, commit fraudulent acts or simply be mischievous. Are you ready?
Peace on Earth?
Christmas, sadly, is considered a prime time for attacks on network infrastructure and customer accounts. It's a time when attackers know businesses are likely to be running on a skeleton crew and when response times go from minutes to hours or even days, giving a successful intrusion a much wider window for data exfiltration.
In its most recent quarterly Cybercrime Report, fraud prevention firm ThreatMetrix has warned that active attacks on retail sites in the UK alone could hit 20 million in just the last quarter of the year. Globally, that figure is expected to be many times higher as attackers seek to profit from the spikes in consumer spending habits seen in the run-up to Christmas.
It's not just retail sites that are under attack, either: gaming and betting sites typically see a major spike on Christmas Day, with a 2014 report at the Mobile Gambling Summit pointing to a growing trend for users to be visiting from smartphones and tablets rather than desktop machines or in-person visits to bookmakers' premises - a shift which is again increasing the attack surface available to those looking to defraud consumers out of their rightful winnings.
"Timing is an extremely influential risk-factor for cyberattacks throughout the year," claimed Carl Herberger, vice president of security solutions for attack mitigation specialist Radware. "Hackers capitalize on overwhelming their target's environment on days of great importance and look to exploit vulnerabilities that cause the most detriment. Because these types of assaults show no signs of slowing, it’s crucial that businesses implement anticipatory security measures in preparation for these peak times."
Money Isn't Everything
While many attacks are, naturally, financially motivated, this isn't true of them all: for some reason, the holiday period can bring out the worst in people, rather than the best. In 2014 the digital distribution and multiplayer gaming services run by Microsoft and Sony for their respective Xbox and PlayStation consoles were taken offline in a massive distributed denial of service (DDoS) attack timed to coincide with the eager Christmas Day unwrapping of new consoles.
A group known as Lizard Squad took credit for the attacks, but financial gain wasn't their motive: instead, they appear to have taken pleasure in others' pain, preventing those who were planning to use their consoles over the holiday period from doing so for no other reason than to be a Grinch. While Lizard Squad may not have benefited from the attack, both Microsoft and Sony suffered monetary losses in both sales during the outage and compensation given out to disgruntled customers in the wake of the attack.
Christmas Lights At The End of the Tunnel
It's not all doom and gloom, thankfully. As the year draws to a close, security specialists have chalked up a number of major wins, including the news that the Avalanche botnet has been dismantled. Around 500,000 machines strong at its peak, Avalanche was known to be the source of more than one million spam and phishing emails every week prior to the arrest of five individuals thought to be responsible for its operation earlier this month.
"Avalanche has been a highly significant operation involving international law enforcement, prosecutors and industry resources to tackle the global nature of cybercrime. The complex trans-national nature of cyber investigations requires international cooperation between public and private organisations at an unprecedented level to successfully impact on top-level cybercriminals," said Rob Wainwright, director of Europol, of the four-year investigation into Avalanche and the arrests and seizures that have followed. "Avalanche has shown that through this cooperation we can collectively make the Internet a safer place for our businesses and citizens."
While Avalanche may be down, there are other networks of compromised machines waiting to take its place. Whatever your business sector, make sure that you don't leave yourself unprotected this Christmas.
- Set up a response plan that includes emergency monitoring and on-call staff even over Christmas Day itself, with proper remuneration of course;
- Ensure that your systems are kept up-to-date with the latest security patches even if they are released during the holiday;
- Make sure your disaster response and recovery plans are up-to-date and well tested before you break off for eggnog and mince pies.