10 June 2022
Check Point researchers say cyber criminals are known to strike during long weekends and holidays, warning Aussie companies to be extra vigilant in the run up to the Queen’s Birthday weekend.
As Australia gears up to enjoy the three-day Queen’s Birthday weekend, Check Point Software Technologies Ltd issues a stark warning about the increased threat level from cyber crime groups during extended holidays.
During these periods, Rodney Thorne, country manager at Check Point explains, everything is “paralysed” so once criminals gain access to the network, there is far more time to extend the attack across the network.
“This is one of the reasons why it is essential to have a good cyber security prevention strategy and not wait until the damage is already done before you address the problem.
“Long weekends, such as the Queen’s Birthday, create the perfect conditions for threat actors to cause maximum damage,” Thorne said.
Check Point researchers have seen a large-scale cyber attack on Kaseya, an IT management software company, that occurred during the US Independence Day weekend, the infamous attack on Colonial Pipeline which happened during Mother’s Day weekend and the JBS cyber attack on the Friday before Memorial Day weekend over the past 12 months alone.
During a long weekend, companies often operate with a skeleton team, with fewer staff to be on the lookout for any type of incident, making it easier for cyber criminals in several ways. Given that the chosen target’s IT teams are not available to react for an extended period of time, this allows ransomware to be fully deployed before anyone notices and can potentially cause more panic during response operations. These factors combined, could increase the chances of a ransom demand being paid.
Cyber criminals are well organised and wait for the perfect opportunity to strike, long weekends and holidays have always been prime time to launch a cyber attack.
Check Point has four tips for protecting a company from cyber attack this Queen’s Birthday weekend:
By implementing a preventative strategy as opposed to reactive, companies can respond faster and more efficiently when faced with an attack. Prevention should be the number one priority for any business looking to keep its data secure.
Humans are one of the weakest links in any company, by investing in the education of your workforce, critical assets can be kept much more secure. It is paramount to train staff members so that they are able to identify and avoid possible phishing emails or texts.
Protect personal devices and remote access
Implementing multi-factor authentication is a must now that hybrid working has been normalised. Many companies now have a multi-device situation with many not having the appropriate security measures in place. These businesses are becoming the focus of malicious campaigns by cyber criminals and so it is key to equip all devices with protective measures against any cyber attack.
Have an incident response contract
Above all else, it’s important to have an incident response contract in place in the event of a breach, a trusted partner ready to act and mitigate any fallout.