Cyber Monday can be one of the most joyous days of the year for enthusiastic holiday shoppers and at the same time, one of the more dangerous days of the year for IT workers. Users are distracted by online shopping and tempted to engage in risky behavior, leaving IT departments to fight viruses, phishing scams, denial-of-service attacks and increased hacker activity. Here are a few tips to beef up your security this holiday season.
1. Be Careful What You Click
Social media is an easy target for hackers because users are used to a constant flow of dynamic information. What’s scary about a Twitter or a Facebook marketer using social media to let people know about holiday deals? Nothing. And that is exactly why people fall prey to scams on social networks so often:
One of the first places hackers are focusing on this holiday season is social media. They are busy creating fake profiles on social networking and e-commerce sites. These profiles and Web sites are meant to mimic well-known corporate brands, and coax users into clicking on their content. As a result, malicious content can now lay hidden within Twitter posts and Facebook links. Once an employee clicks on those links, your entire corporate environment can be compromised.
And while people might think they know better than to click on a malicious link, a recent survey conducted by Check Point Software showed that phishing and social network tools are the most common sources of socially engineering threats.
2. Beef Up Network Security
Infosec Island reports that 64 percent of organizations see “significant increases in attack activity during the holidays,” yet 70 percent of organizations are not effectively preparing for the attacks:
Hackers are now increasingly breaching networks with Advanced Persistent Threats (APTs), and the holiday season is an ideal time of year for cyber criminals to use them, along with other methods, to exploit myriad lapses in network security. Due to a combination of higher than average network usage and IT administrators being out of the office, enterprises are often unable to react quickly to attacks during the holidays. In fact, 81 percent of hackers surveyed at a recent DefCon said they’re more active during the winter for those very reasons.
To prevent network breaches during the holidays, an enterprise should implement a comprehensive security framework that enables all of their systems to communicate, to rapidly prevent attacks as they occur. As part of such a framework, it is important to utilize a VPN wherever necessary – to provide the highest level of secure remote access to a corporate network, especially with staff working from home, the airport or anywhere in between during the holidays.
3. Educate Your Users
Although productivity is certainly a concern for managers on Cyber Monday, it’s nothing compared with the risks of online shopping on government-owned networks. A Dell SonicWall survey indicates that 68 percent of organizations are concerned “that their employees are unable to recognize an online threat that imperils the corporate network.” Research from Qualys uncovered a few other significant threats:
"From this research, we have found that more than half of the tested machines have critical vulnerabilities. These vulnerabilities allow cybercriminals to take remote control of your machine, search your disk drive for valuable information, monitor all keystrokes and e-commerce transactions, and intercept private information, such as usernames and passwords, credit card numbers and bank account details," says Wolfgang Kandek, CTO of Qualys.
Do you have a tip for enterprise IT leaders this holiday season? Let us know in the Comments.