Hackers don’t go on leave – even if the rest of the world does

Why that is, is nothing more than an exercise in common sense and a clear look at incentives and opportunity. Looking at incentives for anyone often helps to see the world as it is, rather than how we would like it to be.

So it is with online malcontents. We already know their major driving force is money, hence ransomware’s prevalence. Of course, we must also contend with the disgruntled employees, the politically motivated, and the quite simply crazy, but more often than not the incentive is clean and simple. You’re getting hit so someone else can profit.

December and January are when guards are let down. People take their eye off the ball. It’s been an exhausting year, we can’t quite believe where the time has gone, by Gum I need a rest, and so on. To the hacker, that’s opportunity.

Not only that, but especially in New Zealand and Australia, Dec/Jan is our summer holidays. We shut down like few other places on Earth. Everyone is down at the beach and it is glorious.

Glorious for the hackers, too. Because our eyes are off the ball (unless it’s a volleyball) and there’s a skeleton staff in the office, if anyone at all.

Meanwhile, the updates and patches keep coming for all that Software as a Service, the applications, the infrastructure, and everything else we rely on for the other 345 days of the year. With everyone on the beach, but most of the systems and technology still running…well, it’s starting to look a lot like Christmas. For the hackers, that is.

This isn’t pure conjecture on my part, either. The FBI and the USA’s Cybersecurity & Infrastructure Security Agency issue warnings like this, advising that ‘malicious cyber actors aren’t making the same holiday plans as you. Recent history tells us that this could be a time when these persistent cyber actors halfway across the world are looking for ways—big and small—to disrupt the critical networks and systems belonging to organizations, businesses, and critical infrastructure’.

Wired, meanwhile, has reported on ‘Why Ransomware Hackers Love a Holiday Weekend’. The reason is simple: with fewer people at work (and with those guards well down), a longer linger time during which ransomware can propagate and encrypt is practically guaranteed.

Note, though, that not everyone believes this to be the case. Some research has shown a beach day or two is just as desirable for hackers; news site Axios reports several charming tales of ransomware kingpins enjoying their holidays. It’s charming, because in these instances, those holidays were interrupted by the long arm of the law. Yes, a vengeful streak exists.

It happens here too.

From my perspective, looking at incentives and opportunity says very clearly that the likelihood of bad actors burning the midnight oil through the holidays makes perfect sense. Particularly when, in New Zealand, we’re still on holiday well into January.

This may be at least part of why the Reserve Bank was hit back in 2021. The long story short is that a system compromise resulted in a data leak. The key words in the report carried on RBNZ’s site are these: ‘Following this malicious attack, the software application was secured and closed’; this rather implies an unpatched software system and a relatively rapid solution to the immediate problem.

Be especially vigilant.

Our advice going into the holidays is simple: never let down your guard. Make sure security enjoys the same priority all year round, and if anything, added vigilance is necessary at the times hackers might be more active. Think like a hacker: when would you attack? They’re not stupid, they know when we’re taking it easy. That feeds right into their incentives and creates opportunity.

Don’t let them have a Christmas bonus this year, or any other.
