Stay Vigilant to Help Prevent Cyberattacks During the Holidays

November 16, 2023

What happened?

Cybercrimes tend to increase during the holiday season, as malicious actors take advantage of the increased employee travel and distractions that are more common during the holiday season.

To help protect from cyberattacks during the busy holiday season, the FBI and CISA compiled several recommendations that employees can take now to prevent from these kinds of attacks.

Immediate Actions

Malicious actors may repeatedly spam you with phishing emails and notifications during the holiday season. It is important to remain vigilant and never assume an unexpected email is safe. Always verify attachments are legitimate before downloading them and never click on a suspicious link.

Protect yourself and your organization from cyberattacks with the following immediate actions:

1. Create an offline backup of data.
2. Do not click on suspicious links.
3. Use secure methods to access your firm’s network remotely.
4. Update your operating system software.
5. Use strong passwords.
6. Use multi-factor authentication when possible.

Regarding Holiday Travel

Working and traveling during the holiday season also presents additional risks regarding network security. Below are some important reminders when travelling and working during the holiday season to ensure your network remains secure.

1. Use a secure remote access method, such as a VPN when connecting to your firm’s network.
2. Avoid connecting to free public Wi-Fi, especially airport Wi-Fi.
3. Never leave your devices unattended and always secure them with strong passwords.
4. Identify IT security employees and / or vendors who will be available in the event an incident or ransomware attack occurs during holidays or outside of normal business owners.

Lastly, be sure to review and update your incident response plans to ensure your response team is aware of actions to take and contacts to reach out to in the event of an attack.

For more recommendations on preventing holiday cyberattacks, read the full cybersecurity advisory here.

Next Steps:

Cybersecurity attacks may put firm’s clients’ data at risk and cause downtime for employee as well as reputational damage. Continue to train employees on the ways to identify red flags and be sure they are aware of the latest threats. Maintain a current cybersecurity program that is tailored to your firm’s business practices, including an incident response plan to guide the firm during an incident or data breach.

Fairview Cyber offers turnkey solutions that address SEC requirements for cybersecurity, and our team of regulatory experts are available to answer any questions you may have regarding training, phishing, and vendor due diligence. To learn more, visit our Cyber Solutions page or contact us if you’d like to speak to one of our regulatory experts.