Dr. Seuss’ The Grinch is a holiday favorite this time of year. Just as that green grump disguises himself as Santa Claus to steal Christmas from his neighbors in Whoville, malicious cyber actors leverage the holiday spirit to stealthily target networks and systems belonging to organizations, businesses, and critical infrastructure. The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued a cybersecurity advisory for public and private sector organizations to remain vigilant and to take appropriate precautions to reduce their risk to ransomware and other cyberattacks leading up to and during the holiday season.
The joint alert includes best practices and steps users and organizations should take to mitigate the risk posed by holiday cyber Grinches, including identifying IT security employees who would be available during the holidays in the event of a cyberattack. The joint agencies recommend maintaining vigilance against the multiple techniques cybercriminals deploy to gain access to networks, including:
- Phishing scams, such as unsolicited emails posing as charitable organizations
- Fraudulent sites spoofing reputable businesses, particularly those often visited by users doing their holiday shopping online
- Unencrypted financial transactions
Training your staff to be on the lookout for these nefarious cyber Grinches trying to sneak into your networks is essential this time of year. You can add a little holiday spirit to the task, like this Night Before Christmas parody that a Florida trucking company sent to their employees as a reminder to stay safe during the holidays.
You can have some fun with it and personalize it for your institution.
From all of us at Bankers’ Hotline – have a happy, cyber safe holiday season!
Originally appeared in Bankers’ Hotline, Volume 31, No. 11, 11/30/21