Why cybercrime groups become more active during the holidays

Less than two weeks before Christmas, Mayor LaToya Cantrell of New Orleans declared a state of emergency after she was informed of a major cyberattack on the city’s networks. Following the advice of IT security managers, Mayor Cantrell ordered an immediate shutdown of municipal data centers, servers, hybrid cloud networks, and even internet-connected client devices.

Less than two weeks before Christmas, Mayor LaToya Cantrell of New Orleans declared a state of emergency after she was informed of a major cyberattack on the city’s networks. Following the advice of IT security managers, Mayor Cantrell ordered an immediate shutdown of municipal data centers, servers, hybrid cloud networks, and even internet-connected client devices. According to a news report published by The New Orleans Times-Picayune, IT security specialists detected an unusual increase in suspicious network activity, and it seemed as if a ransomware attack was imminent.

The order from City Hall forced municipal employees to work with pen and paper until further notice; even the website that serves as an internet portal for residents of New Orleans was taken offline. For Chief Information Officer Kim LaGrue, the decision to issue a state of emergency declaration was made based on the seriousness of the threat. Port scanning and a flurry of phishing emails suggested that a specific cybercrime group, perhaps the same group that effectively launched a SamSam ransomware attack on the Louisiana Department of Motor Vehicles in late November.

WHY CYBERCRIMES ARE MORE COMMON DURING HOLIDAYS

It is not surprising to learn about ransomware attacks taking place in November and December, a time of the year when IT departments give time off to staff members who wish to spend time with loved ones during the holidays. Similar to pickpocket networks that take advantage of an abundance of shoppers during the holidays, cybercrime groups are known to “time the market” and decide when to strike. It seems as if New Orleans was prepared to deal with the attack and opted for mitigation even though the municipal IT department has a good data backup and recovery solution in place.

Compared to American cities such as Atlanta and Baltimore, which suffered crippling ransomware attacks earlier this year, New Orleans is certainly better prepared. Aside from the backup and recovery system, municipal employees are trained on how to recognize phishing attacks. The IT department pays attention to suspicious traffic, particularly during the holidays, and the city is able to go offline when required.

Sonic Systems has two solutions similar to the security measures that the City of New Orleans has in place. Sonic Network Protection provides a monitoring platform that alerts of real-time issues so that immediate action, often automated, can be taken. The SonicSafe backup and disaster recovery (BDR) server is one of the best measures you can take to guard against ransomware attacks. For more information about protecting your office networks during the holidays, contact one of our security specialists today.