How to protect your business from cyberattacks during the holiday season

Like the summer holidays, the holiday season is a time when companies like to relax, and so let their guard down a little. If we consider that 90% of cyberattacks use email as their main way in and we receive dozens of them each day, any lack of attention such as opening a malicious attachment could be fatal to us.

To avoid any unpleasant surprises, it is imperative to put in place good practices before you go on holiday or if you're working alone in the office.

1. Don't post on social media that you're going to be away:
   To choose their target, cybercriminals thrawl through professional social networks, this is also known as social engineering. What is your position in the company? Who are your close collaborators? What projects do you communicate publicly about?
   Without realising it, you are giving a wealth of information about your business. By announcing your absence publicly, you assure cybercriminals that you will not be present during the intrusion attempt.
   Even worse, in the case of a CEO fraud, one could impersonate you and request sensitive information from one of your employees. So rule number 1, if you want to enjoy a happy holiday season, do not communicate your absence on social networks!

2. Remind your employees of good cybersecurity practices:
   Company employees can be the weakest link in its security policy. During this sensitive period, do not hesitate to remind your employees and subcontractors of good cybersecuirty practices: always verify the email identity of your senders, ask for advice if you have the slightest doubt about a suspicious attachment, do not respond to a request that goes beyond the usual operation of the company and, do not connect any non-auhtorized USB flash drives.

3. If you are not using your workstation, turn it off:
   To infect the company's network, cybercriminals need to move from machine to machine, we call this lateral movement. If you are not at your desk and you do not need to keep your machine on, turn it off. In the event of a cyberattack, your machine will not be compromised and you will also be saving electricity.

4. Do not leave the default administrator password on your printers:
   Many companies spend massive amounts on cybersecurity tools to secure the network using firewalls, workstations using antivirus or EDR, messaging using an anti-phishing solution. But have you thought about securing your printers? Ultimately, the biggest cyberattacks most often begin with an oversight.

Finally, if it is not already done, remember to change the administrator password of your printer connected to the network, you will avoid having an unpleasant surprise when returning from vacation.

Let's imagine that despite all your precautions, unfortunately your company has been the victim of a cyberattack. How should you react?

First of all, do not panic, the quicker the situation is dealt with, the more likely you are to stop the threat. To do this, you must define a crisis management process based on different scenarios ranging from the simplest (I downloaded a malicious attachment but I did not open it) to the most critical (all of my computers have been encrypted by ransomware, my company is at a standstill).

Write your plan on paper. This simple process should define the role of each step and the list of actions to be performed in the first minutes, the first hour and the next three.

Take inventory of your sensitive data by checking that regular and full backups are available. If you do not have the technical skills in the company to reinstall infected machines and clean your IT infrastructure, prepare a sheet on which you can find all the people to contact in case of an emergency.

Remember to write this on paper because your email and all of your computers have been encrypted and you will not be able to access your contacts.

Make sure you have all the phone numbers of your employees to allow you to communicate on a messaging solution such as Facebook messenger or WhatsApp if your company's telephone systems has been hit.

The more prepared you are to deal with this situation, the more likely you are to save your business. Figures from our 2024 Secuirty Navigator report indicate 60% of SMEs close within 6 months after being hacked.

To feel at peace while on leave, you must know how to answer these four questions: How often is your company's data backed up? Where are they stored? Is all the data critical to the operation of your business saved? Are you prepared for any type of event (cyberattack, fire, natural disaster)?

To answer these questions, we recommend that you adopt the "3-2-1 backup" strategy. This consists of having at least 3 copies of all your essential data to restart your activity. These backups must be stored on two different devices such as a hard drive, dvd, usb stick, NAS or on cloud storage. And one of these backups must be stored away from your company's site.

With this strategy, you will be able to handle the situation by reinstalling the infected machines.

Applying good practicesmay prevent you from having to deal with a security incident between Christmas and New Year. So, ask yourself the right questions before going on holiday!

Unfortunately for us, this period is also conducive to internet scams. So be careful when you make Christmas purchases on e-commerce sites that you are not used to. This is the period that delivery companies such as Colissimo, UPS, Fedex, DHL or DPD are also regularly impersonated. Be catious with the text messages and emails you receive asking you to pay money to receive your package.

Finally, keep in mind that your bank will never ask you to reset your access, or to connect to your customer account through an email.

After reading this guide, you can now fully enjoy the magic of Christmas protected against any cyber risks!