The last quarter of the year is usually one where people tend to relax, spend a little on themselves, take vacations, and devote more time to personal affairs. But this is also the time when we witness an increase in cyberattacks! This article discusses why Q4 can be called the most dangerous period of the year in cyberspace.
From October to December, the world takes on a festive and extravagant hue with the impending back-to-school shopping, Thanksgiving, Halloween, Black Friday, Cyber Monday, Super Saturday, Christmas, and New Year’s Eve celebrations and expenses. During this time, retailers offer free shipping and unbelievable discounts and the aviation industry thrives. Along with retailers and the travel industry, another group of people benefits from the ‘most profitable’ quarter of the year – the cyber attackers. Malware attacks, phishing scams, data breaches, and hacks escalate during this time as these adversaries can easily lure people by offering them the finest deals with just a click! And it’s evident from the graph below, how the number of data breaches have soared in the last few years.
Highlights of Cyber Attacks In Q4
A study by the Ponemon Institute predicted that cyber-attacks on Black Friday and Cyber Monday would cause losses exceeding $500,000/hour for retailers. The study further revealed that 64% of all enterprises witnessed an increase in attacks during the Christmas period.
DDoS Attacks almost doubled in Q4 2014 as compared to Q4 2013 and the majority of these attacks used reflection techniques. The period also marked a significant increase in application and infrastructure layer attacks.
Hacker group Lizard Squad made Christmas holidays dull for game lovers in 2014 by bringing down the PlayStation Network and Xbox Live with DDoS attacks, and they threatened to do the same again in 2015. They emphasized PSN and Xbox’s poor security, which encourages hackers to exploit what the organizations willingly leave to be exploited.
The rampant online shopping increased cyber risks. ThreatMetrix identified over 130 million cyber-attacks in November 2016. It had already announced that the year’s final quarter would witness many more such cyberattacks during the Christmas holidays.
The National Retail Federation, United States, remarked that while approximately 151 million people shop in stores during the Cyber Monday Sales, around 100 million also prefer online shopping. In 2017, an Australia Post report speculated that one-tenth of all consumer goods would be bought online by 2020. And today, we cannot deny that online shopping is increasing rapidly.
Since email has become the storehouse of receipts for all holiday shopping done in Q4, this period is also when the adversaries launch personalized phishing attacks. A 2018 email security report stated that 12% of all phishing attacks in Q4 were VIP impersonations, whereas, 10% of the emails were sent from compromised accounts.
A DDoS Protection analysis stated that DDoS attacks almost doubled in Q4 2019 compared to Q4 2018. The report further revealed that attacks were launched more on weekends than on weekdays. The analysis also stated that it was only normal that attacks increased in November and December, considering the season’s vibrant business.
What Are The Attack Methods Employed By Cyber Adversaries?
Based on our study, the most common methods employed for Q4 cyber incidents are malware, social engineering, hacking and DDoS attacks, among others. Ransomware sent through phishing emails were the most significant threat factor for schools, healthcare facilities, governments, industrial facilities, and IT companies in 2019. While spyware accounted for the highest number of attacks on individual devices and governments in 2018, cryptocurrency frauds ruled the cyber world in 2017.
Intensity Of Cyberattacks: A Comparative Analysis Of The Last Three Years
Speaking of the number of cyberattacks, there has been an increase in the attacks enterprises and individuals have gone through, particularly in the fourth quarter. As per a study, ninety-six percent more attacks were launched in Q4 2019 than in Q4 2018. Similarly, thirty-one percent more attacks were recorded in Q4 2018 as compared to Q4 2017.
Carbon Black found a 57.5 percent rise in cyber-attacks during the 2017 holiday season, which only highlighted the rising number of such attacks in the succeeding years. Furthermore, a Dimension Data press release from the same year stated that Q4 would expose global consumers to over 50,000,000 cyber-attacks. With more than 1.4 million phishing pages being created every month and Internet and online shopping being accessible to all, becoming victims of such frauds wouldn’t be surprising.
The annual retail holiday sales forecast of Deloitte from 2018 suggested a 22% rise in online shopping compared to 2017 and that the sales would be the highest around the holiday season. In the same year, 7500 Christmas phishing scams were reported, collectively costing over $400,000 to enterprises and individuals. These attacks mainly involved shopping and parcel delivery scams, travel booking email scams, etc.
These rising numbers suggest that something is seriously amiss in the cyber risk management strategy adopted in the final three months of the year. In all likelihood, this is because of fewer employees and experts reporting to work amidst all of the season’s festivities.
Who Are The Victims? Individuals, Organizations, or Both?
Both individuals and organizations are likely to be targeted by adversaries as they each have their unique set of vulnerabilities. However, the sectors most targeted in the Q4 attacks of the various years include Government undertakings where security is known to be poor, the healthcare sector, which is frequently attacked by ransomware and phishing scams, either with direct financial motives or for stealing Personally Identifiable Information or PII. Other targets of the adversaries include the financial industry, including banks and cryptocurrency, the IT sector, individual users, and online and offline retailers.
Governments and financial institutions become frequent targets of Advanced Persistent Threats or APT groups and more so in Q4 when perhaps the best minds are on leave! The year 2019 also saw ransomware actors threatening victims with publication of their sensitive information if they refused to pay the ransom. This trick worked in many cases because enterprises feared the penalty for compromising personal data under the General Data Protection Regulation.
The above figure shows the dominance of ransomware threats across the globe in Q4 2016. TorrentLocker, CryptoWall, and Locky were the major ransomware actors attacking industries during this period.
How To Stay Safe Online During This Festive Season?
Needless to say, Q4 is one of the most vulnerable periods for the digital world as several factors collectively work to reduce vigilance at an enterprise level (such as unavailability of the workforce, seemingly genuine emails/deals pitched in by adversaries) as well as at an individual level (such as card skimming pages, fraudulent emails leading to phished shopping sites). Hence, it is vital to stay safe at the cyber front while we embrace the holiday season and engage in festivities. Here is what an individual or enterprise can do:
- Update your applications, software, operating systems, and antivirus well in advance to avoid unauthorized access.
- Implement Security Information and Event Management (SIEM) solutions for faster detection and management of potential attacks.
- Implement preventive measures to protect from Distributed Denial-of-Service (DDoS) attacks.
- Use encryption, hashing, and digital signatures while dealing with sensitive and confidential data and regular backup.
- Follow the ‘principle of least privileges’ when providing access to employees and enable Multi-Factor Authentication (MFA).
- Follow the basic cyber-hygiene practices, such as avoiding password repetition, using alphanumeric characters, regularly changing passwords.
- Organizations must have stress tests, and web application audits with employees to find and remove their vulnerabilities.
- Organizations must focus on employee cybersecurity training, awareness, and education.
- Involve clients/customers in the enterprises’ cyber defense strategy and educate them on safe surfing.
- Beware of fake reviews on new or unfamiliar shopping sites and refrain from sharing PII on such suspicious platforms.
- Ensure that the sites you visit are safe; look for “https” in the website link and try avoiding sites with “http.”
An IT lockdown in Q4 is always a bad idea. When an enterprise does its homework well before letting employees off for the holiday season, the cyber adversaries cannot do much harm. At an individual level, be it Black Friday or any ordinary day of the year, vigilance is the key to staying safe online. The wise old saying ‘Think before you act’ should be kept in mind while reacting to emails/ads received during the festive season in Q4, as an impulsive click often makes one lose a lifetime’s earnings and that’s not the worst thing that could happen!
If you haven’t tried BitNinja yet don’t forget to register for the 7-day free trial! No credit card needed!
Stay safe and happy hacker-hunting!