8 Threats to Watch for This Holiday Season
Here’s a list of holiday season threats and best practices to defend against them.
November 16, 2020
Sponsored by Netsurion
This holiday season will be like no other with the continued use of remote work, greater online sales, third-party sourcing from across the globe and employees taking much-needed time off. With their support networks and trusted relationships, IT service providers continue to be targeted by attackers. Cyber criminals will take advantage of these distractions to steal sensitive data, hold it for ransom or use MSPs as a stepping-stone to more lucrative victims.
Hackers often strike when businesses let their guard down, gaining access to networks but laying low to strike later. Once centered on key shopping days like Black Friday and Cyber Monday, cyber attacks are now extending across all of November and December and into the new year, making comprehensive vigilance and 24/7 visibility even more challenging. It’s time to fight back against cyber criminals with defense-in-depth resiliency to proactively protect your end customers at this crucial time of year.
Here’s a list of holiday season threats and best practices to defend against them:
Step up vigilance during the holiday season: Knowing that businesses will be short-staffed or even preoccupied at the end of the year, cyber criminals intentionally target businesses in Q4. As a first step, keep systems patched and remind employees about cybersecurity risks like phishing and preventative measures. Look for suspicious behavior such as access from countries where you don’t have any operations or customers.
Protect data in POS environments: Point-of-Sale (POS) devices enable consumers to complete purchases and transactions safely. These devices access critical infrastructure and assets as well as communicate with payment processors and banks. POS threats can include file-less attacks, ransomware, zero-day attacks and skimmers placed physically on devices. Use PCI DSS compliance standards as the starting point to identify POS risks and best practices. However, it is critical to realize compliance alone is not enough for adequate security.
Don’t overlook work-from-home security: Your customers will continue to encounter more cybersecurity vulnerabilities as laptops remain outside the IT perimeter of headquarters. Employees may use work devices for online shopping or charity donations during the holidays, or, conversely, use less-protected personal laptops for work tasks. Layered defenses can help you stay current on remote work threats to rapidly mitigate persistent and well-funded adversaries.
Boost endpoint security: With over 70% of threats starting on network endpoints like laptops and mobile devices, it’s clear that traditional endpoint security tools like anti-virus are insufficient. Endpoint protection platform (EPP) capabilities can block and even prevent threats in real time before damage occurs.
Use multi-factor authentication (MFA): Increased authentication protection with multi-factor authentication (MFA) is an easy way to strengthen your security posture. MFA provides an additional layer of security that can compensate for weak or easily guessed passwords. Make sure you and your end-customers are both using MFA.
Limit access to data: Access to sensitive information should always be on a need-to-know basis. Today’s security platforms offer role-based access control (RBAC) that restricts users from viewing sensitive data outside their job functions. Remember to take proactive steps to automatically remove access when no longer needed.
Conduct vulnerability scanning: Think like a hacker and understand where your vulnerabilities lie. Managed vulnerability scanning identifies, prioritizes and remediates security gaps before attackers find and monetize them. Many compliance regulations such as HIPAA and PCI DSS require vulnerability assessments.
Maintain comprehensive visibility and monitoring. A crucial foundation for security teams, a security information and event management (SIEM) system begins with the collection, standardization and storage of security event data to analyze and offer real-time alerts. Examples of suspicious activity that a SIEM detects include excessive or failed logins, authentication attempts that bypass privileged access management, and unusual increases or decreases in traffic or geographies. Managed Threat Protection by Netsurion includes a SIEM managed by a 24/7 security operations center (SOC) purpose-built to the needs of MSPs and MSSPs.
We’ve Made Your List; Now, Check It Twice!
‘Tis the season to be wary of cyber crime, as hackers don’t just attack larger enterprises. Cyber criminals also use advanced persistent threats (APTs) to target MSPs and midsize businesses. IT service providers like MSPs have direct access to many business networks and sensitive data, and hackers seek to exploit this trusted relationship with ransomware and extortion-type techniques. Adversaries often target mid-sized businesses because they are supply chain partners of larger firms or may have security gaps that are easy to exploit.
Hackers are continually reinventing their tactics, techniques and procedures (TTPs) to catch you off guard and evade detection, so it’s important to stay on top of vulnerabilities and real-world attacks. And as you look toward the future, ensure cybersecurity is a year-round priority. Learn more about Netsurion and how our managed threat protection platform, EventTracker, helps you stay secure and maintain customer trust during this busy time of the year.
This guest blog is part of a Channel Futures sponsorship.
Read more about:
MSPsAbout the Author
You May Also Like