It’s that time of the year when many people’s thoughts turn to a well-earned break over the summer holidays. However, the holiday period is a critical time for businesses in terms of breaches and cyber incidents, particularly ransomware attacks. 

When the majority of employees take time off over Christmas Day, Boxing Day and New Year’s Day, it creates the perfect opportunity for cybercriminals to strike. This is especially true for organisations with stretched resources and inadequate cybersecurity measures. 

Threat actors can also strike before the office shut down. 

When employees become focused on office parties, end-of-year deadlines and Christmas preparations, they’re more likely to make mistakes. Ransomware is often spread through phishing emails that contain malicious attachments or links. Absentmindedly clicking a link or attachment can unknowingly download malware that encrypts the victim’s files. Before they know it, a threat actor is demanding ransom in return for restoring access to the encrypted data. 

FortiGuard Labs saw 10,666 new ransomware variants in the first half of 2022, compared to just 5,400 in the previous six-month period – an increase of nearly 100 per cent. Armed with new ransomware variants, threat actors will intensify their activities before, during and post-Christmas. The last thing you need is for cybercriminals to successfully strike your organisation this holiday season. 

64% 

of organisations experienced breaches that resulted in lost revenue and/or cost them fines during the past year. 

38%

of organisations reported breaches that cost them more than a million dollars (USD).  

80%

of organisations suffered one or more breaches that they could attribute to a lack of cybersecurity skills and/or awareness 

Despite feeling better prepared for ransomware incidents, most organisations are more concerned about ransomware than any other threat.

While it can be the most vulnerable time of the year, it’s essential not to let hackers ruin Christmas. Here are four steps to reduce ransomware risk from Fortinet:  

  1. Cover the broad attack surface
    Today’s digital organisations that increasingly enable work-from-anywhere and use cloud services open up a greater range of possible entry points for ransomware campaigns. The entirety of the attack surface must be identified and have security controls distributed across it, including office and home workspaces, corporate and public networks, hybrid and cloud applications, workloads, user and Internet of Things (IoT) devices and more.

  2. Deploy detection and response capabilities in addition to prevention
    Organisations need to complement strong threat prevention with ongoing inspection for attacks that may have slipped through. This inspection must be applied to all attack vectors and cyber kill chain stages (from reconnaissance through action on objectives) and tested and practised regularly.

  3. Close gaps and break down silos
    Take a holistic approach. Individual security controls are essential to identify cyber campaign components and activity. Still, they must integrate seamlessly to share the insight and intelligence necessary to recognise campaigns definitively rather than just identifying individual aspects that may look ambiguous on their own.

  4. Design for high scalability
    Threat and information volumes are higher than ever, making security a big data problem. Organisations can use artificial intelligence (AI) and other advanced analytics to supplement human security experts. But don’t overlook the human element—augment teams with outsourced expertise for after-hours coverage or specialised security skill sets and continue to raise security awareness among employees.

The shift to the hybrid cloud and the explosive growth of the internet, combined with the increasing destructiveness of ransomware attacks, have the potential to significantly disrupt business operations over the holiday period.

To ensure organisations are prepared to defend against ransomware, IT leaders must integrate security tools into a cooperative, consolidated ecosystem using a composable and scalable cybersecurity mesh architecture (CSMA) approach. 

 A broad, integrated and automated platform, such as the Fortinet Security Fabric, exemplifies this approach. With the Fortinet Security Fabric in place, organisations can leverage a comprehensive portfolio of interconnected solutions to solve their cybersecurity challenges. 

Backing this up with well-trained, -skilled and -practised employees, staff and service providers helps greatly reduce their risk of ransomware. 

(Source: Fortinet funded survey of 1,223 IT and cybersecurity decision-makers globally, including NZ)

To download the report and explore the full findings click here.

 

About Fortinet

The world’s largest enterprises, service providers, and government organisations choose Fortinet to securely accelerate their digital journey. The Fortinet Security Fabric platform delivers broad, integrated, and automated protections across the entire digital attack surface, securing critical devices, data, applications and connections from the data centre to the cloud to the home office.