How The Phish Stole Christmas: Stay Secure Against Holiday Cyberattacks

It’s the most wonderful time of the year, especially for cybercriminals. They know surges in online shopping and travel, combined with short-staffed IT teams and distracted users, make it even easier to catch people off guard with phishing, DDoS and malware schemes. Understanding common types of holiday cyberattacks and taking steps to safeguard your business can help ensure a safe, successful season and year to follow.

‘Tis the season for cyberthreats

It is no secret that cyberattacks are growing in both frequency and complexity—and this alarming trend is compounded by extra seasonal risk. Major shopping periods like Black Friday serve up additional cyber risks to businesses and consumers as hackers grow more active. Increased eCommerce sales combined with reduced staff and access to IT resources create a perfect storm for security breaches, data theft and related disruptions. 

Three types of cyberthreats can be especially common during Cyber Week, the five-day period spanning from Thanksgiving through Cyber Monday. 

Ransomware

Ransomware is an ever-growing threat to businesses worldwide. This year, ransomware attacks accounted for nearly 25% of all malicious attacks, according to IBM’s Cost of a Data Breach Report 2023, and the costs of these incidents increased significantly.

At just over $5 million, the average cost of a ransomware attack rose 13% from $4.5 million in 2022—and that doesn’t include paying the ransom. Long-term costs can be much higher when you factor in reputational damage and lost business opportunities.¹

The FBI and Cybersecurity & Infrastructure Agency have observed attackers targeting increasingly impactful attacks on or around holidays. According to a 2022 security alert, “this tactic provides a head start for malicious actors conducting network exploitation and follow-on propagation of ransomware, as network defenders and IT support of victim organizations are at limited capacity for an extended time.”²

Additional warnings from the FBI’s cyber division caution U.S. companies to be alert to the risk of dual ransomware attacks, in which bad actors target the same organization more than once in quick succession. 

Phishing and Spear Phishing

Phishing attacks are more likely to be effective during the holiday season when users already receive a plethora of promotional emails, many of them unsolicited. Seasonal phishing scams often mimic the types of emails that increase during November and December, such as order and tracking emails, charity requests and messages about holiday events.

Cybercriminals also tend to use seasonal spear-fishing attacks to exploit security weaknesses around holidays and other events. In fact, Barracuda Networks found that the number of these attacks spiked to more than 150% above average the week before Christmas and plunged in the weeks after the holiday. With an average click-through rate of 11%, just one successful spear-phishing campaign can be devastating.³

Distributed Denial of Service (DDoS) attacks

In the first half of 2023, approximately 7.9 million DDoS attacks occurred globally, a 31% increase from the same period in 2022. That’s a staggering 44,000 attacks occurring each day.⁴

As we approach the biggest shopping season of the year, attackers know the damage caused by DDoS attacks is more costly than ever to businesses. The disruptions they trigger can pose a unique threat to eCommerce businesses and financial institutions during the holidays, when internet traffic to those industries spikes dramatically.

The Lumen Quarterly DDoS Report Q3 2023 adds credibility to this trend of holiday attacks, revealing that the largest attacks (both bandwidth and packet rate) targeted the telecommunications industry, with most hitting around the July 4th holiday weekend. This suggests that threat actors were looking to strike when their targets’ IT and security teams were out of the office for the holiday.

Cyber Monday 2022 was the largest retail ecommerce sales day in U.S. history, with consumers spending $11.3 billion online.⁵  With so much at stake, it’s more important than ever to create a secure IT infrastructure.

Make A Cybersecurity Checklist (And Check It Twice!)

As you wind down your operations for the holidays, threat actors are gearing up to strike. Whether your business is small or large, we can guide you through the cybersecurity landscape to help keep your company protected and secure now—and all year long. Our threat-intelligence arm, Black Lotus Labs®, monitors ~195B NetFlow sessions every day, leveraging our extensive network visibility to both help protect your business and keep the internet clean.

Check out these security tips to proactively prepare for and defend against an attack:

• Be prepared: In the case of a cyberattack, it’s crucial to have a plan in place. You can order Lumen® DDoS Hyper® in minutes to combat an active DDoS threat if you have the necessary information on hand. Refer to this checklist for the required information to order Lumen DDoS Hyper.
• Get familiar: Current Lumen network and security customers should set up Admin access in the Lumen Control Center before experiencing an attack. With the Admin role appropriately assigned, you can turn up services in near real time to mitigate active threats.
• Know your vulnerabilities: Check out this infographic for an overview of common vulnerabilities and the appropriate security solution for each one. We also offer two comprehensive assessments to help you understand where your business is most vulnerable and recommend the appropriate security fixes.

Lumen® Security IT Assessment quickly uncovers weaknesses in an organization’s public-facing environment, identifies current vulnerabilities and provides security improvement. recommendations.

Lumen® Ransomware Assessment is a more in-depth, comprehensive and ongoing assessment that pairs you with a designated consultant to review your security procedures and provide guidance.

• Real-time mitigation: Under attack? Turn up Lumen DDoS Hyper in minutes to combat an active threat. Check out the How to Order DDoS Checklist for all the information needed to order this self-serve solution. Use Lumen’s “click to chat” function for assistance from the Digital Operations Center, if needed.

By staying vigilant and taking these proactive steps, you can defend your business and help ensure your customers, employees and partners enjoy a happy holiday season free from cyberattacks.

Webinar: Keep Your Business Safe This Holiday Season

Don’t let cyber grinches hack your holidays. Join us on November 15, 2023, for a 30-minute webinar on  the importance of robust holiday cybersecurity protection for your business. Lumen and Black Lotus Labs security experts will present highlights from our Q3 DDoS and threat report and share best practices you can implement to keep your data and processes safe during this critical time of year.

¹IBM, Cost of a Data Breach Report, 2023.

²Cybersecurity & Infrastructure Security Agency (CISA), Ransomware Awareness for Holidays and Weekends, 2022.

³Barracuda, Market Report: 2023 Spear-phishing Trends, 2023.

⁴Netscout, DDoS Threat Intelligence Report ISSUE 11, 2023.

⁵eMarketer, Cyber Monday was the biggest online shopping day ever, November 28, 2022.

This content is provided for informational purposes only and may require additional research and substantiation by the end user. In addition, the information is provided “as is” without any warranty or condition of any kind, either express or implied. Use of this information is at the end user’s own risk. Lumen does not warrant that the information will meet the end user’s requirements or that the implementation or usage of this information will result in the desired outcome of the end user. This document represents Lumen’s products and offerings as of the date of issue. Services not available everywhere. Business customers only. Lumen may change or cancel products and services or substitute similar products and services at its sole discretion without notice. ^©2023 Lumen Technologies. All Rights Reserved.