Record-breaking 2023 highlights constant cyber threat

There are warnings that cybercrime is for life and not just for Christmas as 2023 has seen risks increase dramatically.

New research by cyber security and insurance firm Resilience Cyber has challenged the conventional belief that cyber risks peak during holiday seasons, revealing that cyber-criminals are now as active in the summer as in the winter months.

Analysis from Resilience Cyber’s global claims database across the UK, Europe, and North America found 2023 marks the most prolific years for ransomware on record.

Ransomware remains the top cause-of-loss, with a 1100% increase in incidents from Q2 2022 to Q2 2023. Notices for 2023 have reached 100% of 2022 levels, and 84% of 2021 levels.

The research found the most active months for cybercrime in 2022 were May, June and December. December 2022 experienced less than a 2x increase in cyberattacks compared to the monthly average.

“Given that data indicates cybercrime has a less seasonal correlation, it is always important to maintain best security practices and vigilance when the workforce is out for vacation at any time of the year,” the research stated. “To help organisations keep their networks safe while enjoying the holiday season, Resilience has identified a list of traditionally seasonal cybersecurity challenges and corresponding strategies to avoid them.

Describing it as the ‘naughty and nice’ list Resilience highlighted:

1 – Unsecured network usage

  • Naughty: Hacking threats surge with public Wi-Fi use, risking unauthorised access. This jeopardises sensitive accounts and data security.
  • Nice: Avoid unsecured Wi-Fi, and if necessary, use a VPN to encrypt data and enhance security.

2 – Phishing scams

  • Naughty: Holiday phishing preys on quick reactions, leading to compromised systems or applications. Human error, the cause of 88% of breaches, exposes companies to fake links and false urgency, compromising security.
  • Nice: Invest in extensive employee training to increase awareness and reduce human error. Verify email senders, especially for unusual or urgent messages.
  • – Ransomware
  • Naughty: Ransomware cripples organisations, pressuring them to pay ransoms for operationality.
  • Nice: Build resilience with collaborative strategies, adopt incident response plans, and consider proven solutions, such as those provided by Resilience.

4 – Strained Network

  • Naughty: Increased web traffic during holidays diverts IT focus, making organisations vulnerable.
  • Nice: Mitigate DDoS risks by reducing attack surfaces, monitoring abnormal web traffic, and ensuring sufficient bandwidth and server capacity.

5 – Reputational Damage

  • Naughty: Holiday scams using your organisation’s name can damage reputation, leading to decreased trust and sales.
  • Nice: Proactive communication minimises reputational damage. Report incidents to law enforcement and customers, offering resources to impacted individuals.

Simon West, head of cyber risk at Resilience, said: “Our data reveals a shift in cybercrime dynamics, breaking away from the conventional holiday surge. Instead, cyber threats are intricately linked to global events, necessitating a more proactive cybersecurity approach.”