Highest spike in cyber attacks occurs after Christmas Day

Nov 26, 2018 20:40 GMT  ·  By

Organizations and individuals are at a higher risk of experiencing a cyber attack during the holidays, starting with Black Friday and ending with Christmas, according to a report from Carbon Black's Threat Analysis Unit (TAU).

As detailed in TAU's 2018 Carbon Black Holiday Threat Report, cyberattacks usually see a substantial increase in frequency during the winter holidays, with the trends going up for the past two years right before Black Friday and reaching the highest spikes during the days following Christmas.

After analyzing more than 16 million endpoints, TAU observed that during the 2016 holiday season organization experienced an increase in the number of cyber attacks of 20,5% above the normal levels.

Furthermore, during the holiday season of 2017, the attempted number of attacks against the endpoints monitored by Carbon Black saw a 57,5% accretion rate.

“Based on existing precedent, we expect the same trend to continue, if not increase, during the 2018 holiday shopping season,” said Tom Kellermann, Carbon Black’s Chief Cybersecurity Officer. “During the holiday season, there is often a ton of noise in the online world and attackers do everything they can to take advantage of that."

Understaffed companies are most vulnerable during holidays

Kellerman also stated that the increase in cyber attack rates for the holiday season applies to both organizations and individuals, all of them being at a higher risk of having their data compromised.

TAU's report says that the vast majority of cyber attacks that happen during the holidays use phishing campaigns or spear-phishing campaigns to deliver malware payloads designed to compromise the victim's computing systems.

Following this type of "holiday-themed" cyber attacks that targeted major retailers were able to successfully breach their IT systems and compromise the personal and financial information of millions of customers.

"Most companies are going to be scrambling to find security team members who are willing to work or stay on call during the holiday hours, particularly with an expected upswing in business," according to the report. "This is compounded by the temptation to disable/ reduce security tools to avoid slowing down business."

Photo Gallery (3 Images)

Christmas hacker
Cyber attacks during 2017 holiday seasonSample phishing email
Open gallery