E-commerce has grown significantly in the last 5 years. In 2023, it accounted for 19% of global sales and it is estimated to grow to more than 25% by 2027. This trend intensifies during the holidays season, as consumers look for the best deals to finish of their shopping lists. However, in the frenzy that surrounds the holiday season and end of the year, so follows are the rise in cyberattacks for both consumers and businesses.
The heightened emotions of the holidays, especially with consumers, is what cybercriminals are banking on. Alongside this, a large portion of staff members take holiday or WFH during this time of year, leaving businesses more vulnerable to attacks and with less staff to act in a timely manner. These combinations make not only companies, but individuals more vulnerable and less responsive to cyberattacks.
The Cybersecurity and Infrastructure Security Agency has stated that “Cyber criminals may view holidays and weekends – especially holiday weekends – as attractive timeframes to target potential victims, including small and large businesses.”
Just because it is the holidays does not mean cybercriminals are taking a day off, they are working 24/7/365. So how can you keep both yourself and your business safe so you can enjoy the holiday season? Alongside adopting good cybersecurity practices, here are some other threats to keep an eye out for to remain safe.
Keep out an eye for holiday cybercrime
Phishing and ransomware increases
Malicious emails drastically increase around this time of year, with reports finding around at least 150% above average. An increase in ‘too good to be true’ emails and typosquatting (the use of commonly mistyped domains to impersonate retailers) lure in unsuspecting consumers who are looking for a good bargain. Cybercriminals like to take advantage of both time sensitive offers and the emotions of the holidays, so be sure to double check the source of the email, especially if it is too good to be true.
Malicious gift cards
Gift cards are a common gift during the holidays, but they are also an increasingly common way cybercriminals gain access to their victims’ data. Cybercriminals will likely impersonate a colleague or family member, either giving them a gift card or requesting them to make a gift purchase.
Fake charities
In the season of giving, many people will make generous charitable donations and cybercriminals exploit this. Before making any donation, double check both the link and the website to ensure your money is going to a credible charity organisation. If you are a still unsure, it is always best to contact the charity directly to discuss the correct links to make your donations through.
Don’t let cybercriminals steal your holiday cheer
Stay vigilant and check the source.
Remember that cybercriminals feed off the emotions and fast-paced environment that surround this time of the year. With phishing and ransomware on the rise alongside ecommerce trends, it is important to take a step back and double check what you might be interacting with. Best rule of thumb - if it looks suspicious, you do not recognise the sender, or the offer looks too good to be true, do not click on the link or provide your information. Read our blog on phishing to learn more.
Practice good cyber hygiene.
Ensuring you are using strong and complex passwords, multi-factor authentication, and regularly updating your systems are the first wall of armour against cybercriminals. Your systems and data are only as strong as your defensives, so make you are making your systems as safe as possible from being attacked by cybercriminals.
Review your Cybersecurity Preparedness Plan
You might already have a plan in place and have run through practice scenarios of how to respond to specific incidents. But what do you do with less staff or more distracted staff during the holiday season? This would be a great time to review your Incident Response Plan (IRP) and decide on alternative measures that could be put in place during this time of year. This could be a temporary restricted access to sensitive information, increase in security patches, etc. Your business and your employees should enjoy the holiday season and not worry about cybercriminals taking advantages of these vulnerabilities, so updating your IRP to help have scenarios for the holiday season can help reduce the stress.
Back up your data!
Don’t skip out on regularly (aka daily) backing up your data. Following the 3-2-1 Back Up Strategy, ensuring you have multiple encrypted backups of your data and important files is an important safeguard in the event of a cyberattack. In an already stressful time of year, having data back-ups will help you save time and money in regaining access to critical information. A hardware encryption module to encrypt data stored in the cloud and/or an offline encrypted backup is an important option to include in your data hygiene practices, as it can provide that extra level of reassurance and security. Taking that critical extra step, in protecting your data by storing it offline in an encrypted flash drive or portable HDD/SSD, out of the hands of criminals, can act as an essentially unbreakable safe and can make the world of difference when you need to restore your data following a cyber or ransomware attack, especially during the holidays.
Stay Cyber Secure this Holiday Season
At iStorage, have a wide range of products that can suit those on a budget, with some of our hardware encrypted products starting at only £49, to desktop drives holding up to 24 TB to store both your personal and company’s most vital data in an ultra-secure, offline device.
Our diskAshur3 range boasts the most advanced security features, recently passed the CAVP (Cryptographic Algorithm Validation Program) testing as part of the FIPS 140-3 Level 3 validation scheme that the products are currently being evaluated against. This includes three encryption modes (patent pending), and user-configurable PINs ranging from 8 to 64 digits. The new range incorporates all the essential features of other iStorage products such as ease of use, platform independence and tamper-proof sleek designs.
And our unique and patented iStorage cloudAshur hardware security module is the perfect solution for anyone wanting to securely store, share and manage data in the cloud. cloudAshur can also be used to encrypt data stored on a network drive, on a local PC/MAC and to send encrypted email attachments or data via file sharing software applications eliminating all the security vulnerabilities that exist with cloud platforms, such as lack of control, unauthorised access and human error.
If you are looking to take control of your data and keep it out of the hands of cybercriminals not just during the holidays, but year-round, speak to one of our company representatives now to see what would be best for you.
Check out our range of products
