WithSecure Comment: Jubilee Cyber risks
June 2022 by Paul Brucciani, Cyber Security Advisor at WithSecure
Ahead of the Jubilee celebrations, the comment from Paul Brucciani, Cyber Security Advisor at WithSecure warning of the cyber risks the Bank Holiday may bring.
“The Queen’s Jubilee, like any public holiday, will likely be seen as a prime opportunity for cybercriminals to target potential victims as IT teams will be at limited capacity. The Bangladesh heist is a potent example of public holidays being used by criminals to maximise their chance of executing their goals whilst surveillance is reduced. It gives malicious actors the chance to conduct network exploitation and follow-on propagation of ransomware.
Ransomware can take time to propagate throughout a network, as hackers work to escalate privileges for maximum control over the most systems - the longer it takes to notice, the more damage they can do.
It’s also worth noting that no celebration comes without some insidious phishing emails. Scammers will take advantage of these opportunities to target individuals with emails claiming to relate to the Jubilee such as merchandise, prizes or events all cleverly designed to lure them to malicious websites.
Email remains a key entry point for cyber criminals to infiltrate corporate systems, and today’s email threats are getting more and more sophisticated. Email providers’ built-in security measures only get you so far – in practice, they mostly filter out spam. Training staff is of course another solution, but anyone can make a human error.
While it’s natural to take your foot off the gas as you wind down for the Bank holiday, businesses must remain vigilant and ensure they not only have the necessary protection and detection capabilities in place, but also the right expertise to harden their attack surface and anticipate and hunt down threats. Having response processes in place also enables organisations to remain resilient and continue doing business – even when they’re under attack.”