How the Phish Stole Christmas: Stay Secure Against Holiday Attacks
It’s the most wonderful time of the year… for cyber criminals as well.
It’s no secret that cyberattacks are growing in both frequency and complexity. In fact, the Federal Bureau of Investigation (FBI) reported that ransomware payments exceeded $400 million in 2020 alone. This number is only expected to rise in 2021—with the FBI citing a 62% increase in reported ransomware complaints in the first two quarters of the year and a 20% increase in reported losses compared to the same time frame in 2020.1
‘Tis the season
This alarming trend can be compounded by extra seasonal risk. Thanks to increased e-commerce sales as well as reduced staff and access to IT resources, more chances arise for security breaches, data theft and related disruptions during the holidays. Which is why it comes as no surprise that the FBI has observed that attackers target increasingly impactful attacks on or around holidays. According to the Cybersecurity & Infrastructure Agency, “this tactic provides a head start for malicious actors conducting network exploitation and follow-on propagation of ransomware, as network defenders and IT support of victim organizations are at limited capacity for an extended time.”1
In addition to this trend of holiday attacks, Lumen’s Quarterly DDoS Report Q3 2021 revealed an alarming jump in DDoS attacks targeted specifically at the retail industry. Compared with <1% of attacks in Q1 and Q2, the retail industry was the target of 12% of the largest DDoS attacks in Q3—making it the third-most attacked industry that quarter.
As we approach Cyber Monday—which saw $10.8 billion in sales in 2020, setting a U.S. record for highest sales in one day—it’s critical for businesses to secure their IT infrastructure.2
Make a cybersecurity list (and check it twice!)
As a single provider of network and security solutions, Lumen is well-positioned to guide businesses small and large through the cybersecurity landscape to ensure your company is protected and secure. The Lumen threat-intelligence arm, Black Lotus Labs®, monitors ~195B NetFlow sessions every day, leveraging our extensive network visibility to both help protect your business and keep the internet clean.
Check out these security tips for how to proactively prepare for and defend against an attack:
- Be prepared: In the case of a cyberattack, it’s crucial to have a plan in place. You can order Lumen DDoS Hyper® in minutes to combat an active DDoS threat if you have the necessary information on hand. Refer to this checklist for the required information to order Lumen DDoS Hyper.
- Get familiar: Current Lumen network and security customers should set up Admin access in the Lumen Control Center prior to experiencing an attack. With the Admin role appropriately assigned, you can turn up services in near real time to mitigate active threats.
- Know your vulnerabilities: Check out this infographic for an overview of common vulnerabilities and the appropriate security solution for each one. Lumen also offers two security assessments that can help you understand where your business is vulnerable.
- Lumen’s Security IT Assessment quickly uncovers weaknesses in an organization’s public-facing environment, identifies current vulnerabilities, and provides security-improvement recommendations.
- Lumen’s Ransomware Assessment is a more in-depth, comprehensive, and ongoing assessment that pairs you with a designated consultant to review your security procedures and provide recommendations.
- Real-time mitigation: Under attack? Turn-up Lumen DDoS Hyper in minutes to combat an active threat. Check out the How to Order DDoS Checklist for all the information needed to order this self-serve solution. Use Lumen’s “click to chat” function for assistance from the Digital Operations Center, if needed.
 Cybersecurity & Infrastructure Agency. https://us-cert.cisa.gov/ncas/alerts/aa21-243a
This content is provided for informational purposes only and may require additional research and substantiation by the end user. In addition, the information is provided “as is” without any warranty or condition of any kind, either express or implied. Use of this information is at the end user’s own risk. Lumen does not warrant that the information will meet the end user’s requirements or that the implementation or usage of this information will result in the desired outcome of the end user. This document represents Lumen’s products and offerings as of the date of issue. Services not available everywhere. Business customers only. Lumen may change or cancel products and services or substitute similar products and services at its sole discretion without notice. ©2021 Lumen Technologies. All Rights Reserved.