The lead-up to Christmas is a time of merriment and festivities for many. 

However, for those who are the victims of cyber attacks it can prove a period of crisis and significant challenges.  Whilst the risk of cyber incidents is year-round for all organisations, this risk is heightened around the Christmas and New Year period. 

That is particularly the case this year, as underlined by the speech given in the last few days by Richard Horne, the CEO of the National Cyber Security Centre, who stressed that the UK is underestimating the severity of the online threat it faces - from state actors to criminal gangs. He identified the increased frequency, sophistication and intensity of hostile activity in UK cyberspace and issued a rallying cry to all organisations, public and private, for collective action in viewing cyber security as both an essential foundation for their operations and a driver for growth.

The past few months has seen a levelling-off of reported cyber attacks. This could result from the NCA’s successful take-down earlier in the year of LockBit, a hugely prolific cyber gang or, more ominously, after a period of relative quiet, attackers may be gearing up for a spate of targeted, seasonal actions.   

The festive period has always been a particular time of threat. Organisations and employees face elevated pressures of business in the run-up to Christmas – business demands, impending annual leave for many employees, major deadlines – all of which can distract attention, and leave a business exposed to a cyber attack.  Phishing emails and fake websites (including donation sites masquerading as charities) are common tools at this time of the year, when online spend and transfers of funds are ramped up.  Working remotely and reliance on mobile or personal devices can also be more prevalent during holiday periods, and the likelihood of clicking a phishing email is materially increased on mobile devices. 

The risk is not only that there is a heightened chance of an attack but that, due to public holidays and annual leave, resourcing challenges mean that an attack or breach may not be spotted at the earliest opportunity and there can be damaging delays in decision-making.  It can be very difficult to obtain rapid external cyber incident support (such as cyber response partners, IT, legal etc.) to support an organisation’s response at this time of the year, unless engagement has been formalised in advance.  All of these factors can mean that an incident, which at any other time of the year could be identified and dealt with quickly, can escalate into a significant and crippling issue for the organisation.

To help your organisation be as prepared as possible, we recommend that you take steps to:

• Issue a reminder to all employees to be vigilant of phishing emails (and ideally provide them with some examples of typical festive scams such as fraudulent delivery updates or Christmas gift card promotions and surveys).
• Ask those employees in finance teams or who deal with payments for you organisation to double check before making any online payment or transfer especially if it is unexpected, unusual or to a different account. Emphasise that urgency and pressure to pay is a major red flag!
• Ensure that your software systems are all up to date and there is a robust approach to patch management to reduce any ability to target outdated systems.
• Make sure that your organisation has a cyber incident response plan and that all employees have ready access to it even if your systems are inaccessible.
• Ideally confirm that you have external resourcing (IT, cyber response, legal etc.)  instructed and on hand.
• Ensure that senior decision-making coverage is in place, particularly risk, IT, information security and legal over the festive period.

Being aware of the risk, and taking steps now to prepare, could be the key to your business continuing to operate smoothly over Christmas and into 2025.

Burness Paull’s leading cyber security, data protection and group litigation experts have significant experience in managing cyber security risks and best practices. Our team are on hand to support you on your cyber resilience journey, from implementing protective measures to handling a full-scale incident. Please get in touch with any of our team to discuss your needs.

Written by

Related News, Insights & Events