SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Asia
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewall
#
ransomware
Search
Story image
#
Breach Prevention
#
Cybersecurity
#
Firewall
APAC businesses vulnerable to cyberattack during holidays
Wed, 9th Nov 2022
FYI, this story is more than a year old
Author image
By Shannon Williams, Journalist
Follow us

Businesses in Asia Pacific could find themselves vulnerable to attack during the holiday months, according to cloud-first security solutions provider Barracuda.

Analysing the latest threat Insight from Barracuda's Advanced XDR Platform and 24/7 Security Operations Centre, the firm saw a rise in the severity of threats in 2022 during the months when employees tend to book their vacations.

While the volume, nature, and intensity of cyberthreats targeting organisations varies over time, Barracuda saw a spike in attacks to 1.4 million in January 2022, when employees are finishing their New Year break or taking time off for Chinese New Year. After this, the number dips by just under three quarters (71.4%.), before spiking again by 1.4 million in June, followed by a gradual decline through July and August, when employees are returning from their summer vacations.

Attacks included successful Microsoft 365 logins from a suspicious country, including Russia, Iran, China and Nigeria. Barracuda classifies these attacks as high risk because they offer intruders potential access to all connected and integrated assets the target has stored on the platform. Interestingly, a huge 40% of these attacks took place during the 90-day window between June and the end of September, which researchers believe correlates with the summer vacation period.

Other attacks were classified as medium risk including malicious communication attacks (15%), where criminals attempt to send a malicious communication from a device within the network to a website or known command-and-control server, and Brute Force user authentication attempts (10%), where automated attacks try to penetrate an organisations defences by running as many name/password combinations as they can.

"Cyber attackers are targeting companies and IT security teams when they are likely to be under-resourced. This could be on weekends, overnight, or during a holiday season, such as Christmas and New Year, Chinese New Year, as well as the summer vacation period, and other festive periods, like Diwali," says Mark Lukie, Director of Solution Architects, APAC, Barracuda.

"Barracuda recommends that businesses enable Multifactor Authentication (MFA) across all applications and systems and ensure that they have a robust security solution in place to provide email and endpoint protection and response (EDR), and a watertight 24/7 Security Operations Centre (SOC) to monitor, detect, and respond to these cyberthreats," he says.

"Having the right solutions in place is crucial, and as we head towards another holiday period, it is imperative that businesses across the Asia Pacific region remain vigilant and do not forget to back up their data and critical systems."

Related stories
Half of online traffic in 2024 generated by bots, report finds
Understanding the key to boosting cybersecurity habits: Kaspersky study
Axis unveils hybrid cloud platform for adaptable security solutions
Keeper Security launches user-friendly passphrase generator
Spirent partners with online payments platform to boost cyber defenses
Top stories
Fortinet recognised as Challenger in Gartner's 2024 Magic Quadrant for SSE
Coalition integrates cyber risk platform with top cloud services providers
i-PRO to support Genetec SaaS with new AI-enabled camera models
Illumio unveils AI enhancements for faster Zero Trust Segmentation adoption
RiverSafe teams up with Cribl to boost IT & data security services