As summer approaches, summer travel and the potential for vacation-aligned network intrusions begin. Behind the scenes, both U.S. authorities and vigilant network defenders in the private sector are monitoring potential threats that may surface during the upcoming holidays within the next few months.
Although there are no formal public advisories specifically tied to summer holidays like the Fourth of July and Labor Day, an observable pattern has emerged in recent years. Extended weekends and holidays present prime opportunities for malware attacks, including ransomware, as attackers often capitalize on the heightened vulnerability of companies during these periods. Additionally, the likelihood of reduced IT security personnel, due to vacation schedules, significantly increases the chance of intrusion during these timeframes.
Throughout the summer of 2021, major holidays emerged as the stage for a series of unprecedented ransomware attacks, marking them as some of the most significant incidents in recent U.S. history. The severity of these incidents prompted the FBI and the Cybersecurity and Infrastructure Security Agency to issue explicit warnings.
During the Independence Day celebrations in 2021, a notable incident unfolded in Joplin, Missouri—an attack that disrupted the city’s operations. City personnel stumbled upon a ransomware attack, resulting in the unfortunate shutdown of computer systems, phone lines, and vital services. Adding to the challenge, two key executive employees were coincidentally away on vacation during this critical period.
Another attack hit the Los Angeles Unified School District, the second-largest school system in the nation, over the Labor Day weekend in 2022. Over the weekend, the district became the target of a crippling ransomware attack. The breach led to a catastrophic data leak that exposed students' information and raised significant concerns.
Holiday Risks are Real
According to research conducted by multiple firms, data security during holiday periods is a significant concern. A study by Cybereason stated that companies are alarmingly unprepared for ransomware attacks during holiday periods. The research highlights that organizations struggle to comprehend the full scope of an intrusion, which makes the response challenging and results in a lengthier recovery process.
Barracuda’s recent research has revealed unsettling trends regarding heightened threat activity witnessed throughout the summer of 2022. This surge in malicious incidents encompasses a range of concerning occurrences, such as a substantial rise in suspicious Microsoft 365 logins originating from a particular country and alarming communications originating from a network with a dangerous IP address. These findings serve as a stark reminder of the urgent requirement for heightened awareness and proactive implementation of robust security measures, particularly during the holiday season.
Vacation time brings heightened vulnerability among corporate employees, who often operate outside their regular offices or workstations. This vulnerability stems from increased susceptibility to social engineering and phishing attacks. Attackers exploit the distractions and reduced focus of these employees for their own gain. Many attackers will use this opportunity to send out BEC (Business Email Compromise) attacks and phishing links. These bad actors recognize that employees are more likely to be on vacation and away from their computers, which increases the likelihood of employees falling for emails that contain seemingly urgent instructions.
With holiday weekends approaching, it is important to have incident response plans in place, review recent external and internal vulnerability assessment reports, keep backup systems running, and educate employees about the risk of cyberattacks during the holiday weekends. At Apex Technology Management, we are that trusted Managed IT Services and Cybersecurity Provider that your business needs. We want to ensure you have a trusted partner, emergency 24/7 support, cybersecurity, and a proactive approach.