
Holiday cybersecurity best practices to ensure a safe end to 2024

Dec 10, 2024

The holidays are a time for joy, connection, and maybe a little too much hot cocoa by the fire. But while we’re busy celebrating with loved ones or preparing for it by taking advantage of holiday deals online or day-dreaming, cybercriminals are hard at work. The season often brings a surge in cyberattacks as hackers take advantage of unique vulnerabilities like reduced staff, distracted employees, and increased online shopping.


The rise of AI over the past few years has compounded this issue by making it easier than ever for scammers to imitate brands, or even individuals like your manager, through deepfake attacks, not to mention AI malware. Staying aware and being prepared can help bring peace of mind that the only surprises this holiday season are the ones under the tree, or here in Iceland, in our kids' shoes.

To help organizations and their people prepare for this rise in potential cyber threats and enjoy the season, we put together a list of common types of attacks to look out for and best practices to mitigate them.

3 common types of cyber attacks to look out for during the holidays

Ransomware attacks

During the holidays, employees often take time off and begin to wind down at work, leaving routine security tasks like updates and patches overlooked. Unfortunately, this is exactly the kind of opportunity cybercriminals are looking for.

That’s why ransomware attacks increase during this time. Darktrace reported in 2021 that ransomware attacks increase by 30% on average during the holidays. Hackers prey on weak security practices such as outdated software, poor password hygiene, vulnerabilities in code, and insecure remote access controls. These attacks can lock users out of their systems or data until a ransom is paid—turning holiday cheer into a cybersecurity nightmare. Staying proactive with patches, secure credentials, and employee training can go a long way in keeping ransomware at bay.

DDoS attacks

Distributed Denial-of-Service (DDoS) attacks are growing in scale and sophistication, and they become even more prominent at this time of year. As online services experience heavy traffic from holiday shopping and year-end transactions, hackers exploit the increased load by overwhelming servers with a flood of fake traffic. These attacks use networks of hijacked devices that all send junk internet traffic to the target at the same time. They pose a serious threat and can bring websites or online platforms to a standstill, causing huge financial losses and damaging brand reputations.

Strong mitigation strategies, including traffic monitoring and scalable server defenses, are essential to prevent disruptions during the busiest time of the year. Microsoft reported in 2022 that it saw an influx of DDoS attacks at this time of year.

Holiday Phishing Scams

Phishing attacks trick people into revealing sensitive information such as credit card numbers, passwords, or company data, with the intention of financial gain or data ransom. And the holiday spirit of giving and spending makes this time particularly ripe for phishing campaigns.

Here are some common holiday-themed scams to watch out for in 2024:

  • Delivery scams - Phishers often send fake emails or SMS messages to individuals saying they have a delivery on the way and direct recipients to click on malicious links to provide payment details or to install malware.

These scammers often impersonate trusted carriers like DHL and FedEx, and with the rise of AI, imitating well-known brands is easier than ever. Keep in mind, legitimate companies won’t ask for payment or sensitive details via unsolicited emails or texts. The IRS warns that this type of scam in particular is very widespread this year.

  • Charity scams - With the rise of philanthropy during the holidays comes a rise in phishing scams that imitate charities and send emails asking for donations. Before donating, verify the organization’s legitimacy by visiting their official website or using trusted charity directories.
  • Travel scams - With holiday travel on the rise, scammers promote suspiciously cheap vacation rentals or airfare. If an offer seems too good to be true, take the time to verify and make sure it’s coming from a legitimate travel agency or rental provider. 
  • Unpaid invoices - Malicious actors know that people tend to be less focused and careful at this time of year, with their minds on their turkey dinner or holiday getaway. If anything, we should be extra vigilant this time of year. Always double-check before processing any unexpected or urgent payment requests.

Each of these attacks thrives on holiday distractions and good intentions. By staying cautious, verifying requests, and prioritizing security, you can help ensure your holidays remain merry.

Read about 3 examples of serious cyber attacks from the past.

Security best practices for organizations to follow during the holidays

“By failing to prepare, you're preparing to fail.” — Benjamin Franklin

With this in mind, it’s vital to not only keep up your usual defenses, but to fortify them and be prepared for increased threats. To keep your organization secure, here are some best practices we recommend: 

Make sure your employees are up-to-date with their security awareness training

Human error is often to blame for an attack, and the chance of mistakes increases this time of year. 

  • Ensure that all of your employees have completed the necessary security training to avoid these scenarios. 
  • Consider conducting a holiday-specific cybersecurity awareness campaign highlighting common phishing tactics, such as fake order confirmations or charitable donation scams.
  • Remind employees to avoid clicking on unexpected links or downloading attachments from unknown senders.
  • Prohibit using corporate devices or email accounts for online shopping to reduce exposure to scams and malware.
  • Use a tool, like Aftra, that can check if employee accounts are used online.

Ensure all systems and software are up to date with the latest security patches

Conduct a thorough review of all operating systems, software, and firmware to ensure they are patched with the latest updates. 

  • Pay special attention to critical systems such as payment platforms, CRM tools, website CMS (such as WordPress), and customer-facing applications, which may be targets for attackers during peak traffic periods.
  • Automate outdated software detection where possible to minimize manual oversight.

Tackle critical vulnerabilities detected by your scans before the holidays start

Perform a comprehensive vulnerability scan of your IT infrastructure to identify high-risk issues.

  • Prioritize remediation of vulnerabilities in systems with high exposure, such as public-facing applications, VPN gateways, and endpoints handling sensitive data.
  • Use a "red team" approach to simulate attacks and test your defenses for weaknesses.

Strengthen authentication protocols, including multi-factor authentication

  • Enforce MFA for all accounts, especially for privileged users and remote access systems.
  • Review authentication logs to detect anomalies, such as login attempts from unusual locations or devices.
  • Educate employees on secure password storage and enforce the use of password management systems. 
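One way to carry out the log review described above, as an added example (not Aftra's code): it builds a per-user baseline of countries and devices from successful logins before a cut-off date, then flags later logins that fall outside it. The CSV layout, user names, device IDs and cut-off date are constructed for illustration.

```python
import csv
import io
from collections import defaultdict

# Constructed sample log: timestamp,user,country,device_id,result
SAMPLE_LOG = """\
2024-12-02T08:01:11Z,anna,IS,laptop-a1,success
2024-12-03T08:04:52Z,anna,IS,laptop-a1,success
2024-12-03T09:15:30Z,jon,IS,laptop-j7,success
2024-12-05T17:40:02Z,jon,IS,phone-j2,success
2024-12-24T02:13:45Z,anna,BR,unknown-77,failure
2024-12-24T02:14:09Z,anna,BR,unknown-77,success
2024-12-26T10:30:00Z,jon,DK,laptop-j7,success
2024-12-27T08:00:00Z,anna,IS,laptop-a1,success
"""
BASELINE_END = "2024-12-20T00:00:00Z"  # assumed start of the holiday review window


def review_logins(log_text, baseline_end=BASELINE_END):
    """Flag logins after baseline_end from a country or device that the
    user never logged in from successfully before the cut-off."""
    countries, devices = defaultdict(set), defaultdict(set)
    findings = []
    # ISO-8601 UTC timestamps sort correctly as plain strings
    rows = sorted(r for r in csv.reader(io.StringIO(log_text)) if r)
    for ts, user, country, device, result in rows:
        if ts < baseline_end:
            if result == "success":
                countries[user].add(country)
                devices[user].add(device)
            continue
        reasons = []
        if country not in countries[user]:
            reasons.append("new country")
        if device not in devices[user]:
            reasons.append("new device")
        if reasons:
            # A successful login that is new on both axes gets looked at first
            severity = "high" if result == "success" and len(reasons) == 2 else "review"
            findings.append({"time": ts, "user": user, "result": result,
                             "reasons": reasons, "severity": severity})
    return findings


if __name__ == "__main__":
    for finding in review_logins(SAMPLE_LOG):
        print(finding)
```

A flagged login is a prompt to confirm with the user (travel, new phone), not proof of compromise.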

Implement continuous monitoring to detect suspicious activity 

  • Use Attack Surface Management (ASM), such as Aftra, to continuously monitor for unusual activities, such as when typosquatting domains (domains similar to yours, often with a minor misspelling) are created. 
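A sketch of the typosquatting check mentioned above, as an added example (not how Aftra implements it): it compares newly observed domain names against your own and reports look-alikes. The domain `examplecorp.com`, the feed contents and the small look-alike substitution table are placeholders constructed for illustration.

```python
OWN_DOMAIN = "examplecorp.com"  # placeholder for your own domain
# Look-alike substitutions folded before comparing (small illustrative set)
HOMOGLYPHS = (("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("3", "e"), ("5", "s"))
# Constructed feed of newly observed domains
NEW_DOMAINS = ["examplecrop.com", "examp1ecorp.com", "exarnplecorp.com",
               "examplecorp-login.net", "examplecorp.net", "gardenexample.org"]


def skeleton(label):
    """Fold common look-alike characters so visual twins compare equal."""
    for src, dst in HOMOGLYPHS:
        label = label.replace(src, dst)
    return label


def osa_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)  # adjacent transposition
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]


def classify(domain, own=OWN_DOMAIN, max_dist=1):
    """Return why a domain resembles `own`, or None if it does not."""
    domain = domain.lower().rstrip(".")
    if "." not in domain or domain == own or domain.endswith("." + own):
        return None  # malformed, or our own domain / subdomain
    # Simplification: the label left of the last dot is the name (no public-suffix list)
    label, brand = domain.split(".")[-2], own.split(".")[-2]
    if label == brand:
        return "tld-swap"
    sk, bsk = skeleton(label), skeleton(brand)
    if sk == bsk:
        return "homoglyph"
    if osa_distance(sk, bsk) <= max_dist:
        return "near-miss"
    return "brand-embedded" if bsk in sk else None


def scan(domains):
    """Map each suspicious domain to the reason it was flagged."""
    return {d: c for d in domains if (c := classify(d))}
```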

Make sure you have the coverage to respond to potential incidents

  • Ensure you have an incident response team and plan available or on standby during peak times, including the holiday season.
  • Perform training exercises to ensure that your team is prepared to respond to a security incident quickly and effectively.

Verify your data backup and recovery processes for business continuity

  • Test your backup systems to confirm that all critical data is securely backed up and easily recoverable.
  • Store backups in separate, secure locations, such as offline or in the cloud, to prevent ransomware from encrypting them.
  • Review Recovery Point Objectives (RPO) and Recovery Time Objectives (RTO) to align with business needs.

Have your Business Continuity playbook up to date and available

  • Review and update your Business Continuity (BC) and Disaster Recovery (DR) plans to address any new threats or changes in the IT environment.
  • Include escalation procedures, communication plans, and key stakeholder contact information.
  • Ensure the playbook is securely stored, but accessible in the event of an attack that disables internal systems.

Preventing cybercrime with External Attack Surface Management (ASM)

One great way to effectively combat cyber threats is to adopt a proactive approach to security. This starts with strong and decisive top-level leadership and the implementation of solutions that allow your organization to stay secure at all times.

Aftra provides an attack surface management platform with tools to assess and enhance digital security, including automated vulnerability scanning and continuous, real-time detection.

Our solution offers proactive insights that enable you to make informed security decisions to safeguard your financial and digital assets, brand reputation, and business integrity. 

Book a demo with us to ensure a crime-free holiday and prosperous digital future.
