No Holiday for Cybersecurity!

The holidays are amongst the most eagerly awaited times of the year. For many of us, it is a necessity, that of being able to take a bit of a break from our daily routine.

This time of year, allows us to think about something else, enjoy life to the fullest, travel, and, above all, reset the counters in order to come back with strength.

However, not everyone sees this concept in the same way.

If for some, the word holiday rhymes with freedom, for others it is synonymous with opportunity. Indeed, for cybercriminals, it is a golden opportunity to infiltrate your systems and thus hack your data through a cyber attack.

After all, cybercriminals do not go on holiday!

Of course, we all know that cybersecurity has become an important issue and even more so since the digital shift and telework becoming the new norm.

However, did you know that cybercrime is much more frequent during your holidays and that you are much more at risk of being a victim?

Maybe you do not quite see the connection between cybersecurity and vacations?

Allow me to enlighten you on the subject and above all, give you recommendations to counter cyber attacks during the summer so that you can fully enjoy your days off, with complete peace of mind.

Vacation vs. Cybercrime

First, how do you explain the correlation between holidays and cyberattacks? The answer is rather simple: carelessness.

Carelessness because when we go on leave, for most of us, our first instinct is to ‘unhook’. We put aside the hassles of everyday life and work to make the most of it. In short, we let our guard down and are less vigilant.

It is exactly this carelessness that allows cybercriminals to easily infiltrate your data. These digital criminals also take advantage of the fact that during the summer, a company is much more vulnerable to a cyberattack since it is very likely that a portion of its IT support team is also on leave.

However, it is important to point out that it is not only during the summer season that cyberattacks wreak so much havoc. Indeed, according to a study conducted by Euler Hermes and the National Association of Financial Directors and Management Control (DFCG), 30% of companies have noticed an increase in cybercriminal cases and threats during weekends, as well as public and civic holidays.

Nevertheless, this reality does not seem to have raised the alarm for some companies. Even according to a 2021 FBI report, less than 40% of IT security professionals “rank information security and privacy among the top criteria for evaluating business partners or vendors”. This same study also shows that only 13% of the company’s stakeholders attach importance to it. Some worrying data!

The Scam

Cybercriminals use various methods to infiltrate your computer network without your knowledge. One such method is also the most common: phishing.

Phishing consists of sending an email or a text message, or a malicious link on a website, which aims to obtain confidential information (passwords, bank code, etc.) by pretending to be a trusted organization, such as your bank. If you answer it, web hackers then have access to your accounts and personal data.

These hacks can lead to skyrocketing costs, and identity theft can even damage your company’s reputation.

For more information on the subject, I invite you to consult our article: The Necessity of Cybersecurity – 8 Tips to Protect Yourself

The Story of the Compromised Executive

What happens when an influencer in your organization’s computer is compromised, and they go on vacation?

Let us review a few scenarios that are a little out of the ordinary, but when executed by a fraudster, can represent significant losses.

·      Payment of an advance on an external account, given that it is outside the country, by sending internal emails, directly to the financial controller.

·      Extraction of sensitive and compromising data from the production environment to an external site, and a few minutes later, everything is transferred to the dark web.

·      Sales of company shares, executed internally, to an international account.

And the list could go on and on…

Considering the position of the fraudster, he now knows the habits of his victim. Moreover, he is even able to impersonate him.

In a study conducted by Forbes magazine in 2020, we also discovered that executives are often the first (76%) to circumvent security rules to speed up or allow the execution of certain processes. This behavior also pushes them to be among the prime targets, up to 84% of them.

Our Solutions

Fortunately, there are effective ways to avoid being the target of cybercrime and to be able to fully enjoy your vacation, and that with peace of mind.

First, see your digital security as your home. After all, when you leave your home, you make sure all the doors are locked and your security alarm is on. You keep a certain discretion with your neighbors when you go abroad. Well, this is the same principle when it comes to your cybersecurity.

To better enjoy your freedom during the holidays, here are some practical, effective, and easy tips:

·      If you have decision-making powers within your company, make sure that other stakeholders can reach you in the event of specific requests.

·      Ensure that your workstation is offline and that it cannot be used to attack against your organization.

·      Disconnect your business accounts from your portable devices, which will have two positive effects: avoid any form of data extortion when you are abroad, but also, it will force you to disconnect and fully enjoy your vacation

 I have even had a few bosses in the past who left their smartphones with their assistants, and only the latter had the phone of the hotel where they were staying so nothing could happen.

·      Limit the information in your away messages. Redirect them to the right person and report that there will be a delay in responding. The fewer details, the less information available to criminals.

·      At home, do not hesitate to disconnect your router. This will limit unwanted uses and keep your home safe from prying eyes.

For your data, here is our advice:

  1. Make a copy or a backup of your working data before exiting.
  2. Do a digital spring cleaning. Take this opportunity to clean up your files, your passwords, and your computer.
  3. Avoid free and public Wi-Fi as much as possible. These are not secure connections.
  4. Establish a VPN system. Setting up a VPN system will ensure that your communications are encrypted.
  5. Note the serial numbers of your devices in case of theft.
  6. Enable Geo-tracking of your devices and remote data wipe.
  7. Review your company’s level of protection and assess the situation.

The important thing here is not to make you panic. On the contrary, what is essential for us is to prevent and educate you about the possible risks. As we have mentioned a few times, cybercriminals do not take holidays. However, prevention and best practices will give you peace of mind during yours.

Are your well protected? Answer to this :