Holiday Cyber Warnings Will Echo Across 2021

A recent article in Dark Reading, “Nowhere to Hide: Don’t Let Your Guard Down This Holiday Season” by CrowdStrike Product Director Scott Taschler, provides ominous warnings of adversary activity and practical recommendations for increasing cybersecurity during the 2020 end-of-year holidays. The article stresses that “adversaries don’t vacation” — on the contrary, attackers take every opportunity to leverage the operational downtime most organizations experience during the holidays. Adversaries continue to work overtime all year looking for new ways to thwart your cyber defenses — and it will be crucial for organizations to heed the article’s recommendations and put them into practice in 2021 and beyond.

 

The article highlights recent findings of the CrowdStrike Falcon® OverWatchTM team that were published in the CrowdStrike® 2020 Threat Hunting Report — including the fact that the first half of 2020 saw “the highest number of potential intrusions covered by Falcon OverWatch in a calendar year.” In addition, June 2019 to June 2020 was a particularly lucrative year for eCrime actors, who made gains compared to nation-state-sponsored activity. In fact, eCrime comprised 82% of all intrusions the OverWatch team uncovered in 2019-2020 in which attribution could be made with a high degree of confidence. The widespread use of ransomware attacks during this period is particularly troubling — especially those aimed at the healthcare industry, where such attacks can cause catastrophic delays in patient care.
CrowdStrike chart Falcon OverWatch observed more potential intrusions in the first half of 2020 than in all of 2019.
Source: CrowdStrike 2020 Threat Hunting Report

Cybersecurity Checklist

The article includes a Holiday Season Security Checklist, but the suggestions offered should be applied year-round for organizations that want to stay ahead of today’s sophisticated and determined threat actors. This checklist includes the following recommendations:
  • Establish a proactive and continuous threat-hunting practice
  • Ensure that internet-facing infrastructure is rapidly and consistently patched
  • Establish and enforce strong password rules and multifactor authentication
  • Eliminate excess software and ensure strict controls
  • Train your employees to be cybersecurity-aware
For more information on securing your organization now and into the future, read the entire article on Dark Reading.

Additional Resources