Virtualization Technology News and Information
Industry Experts Chime in on the Topic of Cybersecurity Threats over the Holiday Weekend


With the Fourth of July holiday weekend approaching, it's a great time to remind public and private sector organizations to stay vigilant and take appropriate precautions to reduce their risk of cyberattacks. 

According to the Check Point Research (CPR) Threat Intelligence Report, the global average number of weekly attacks on organizations in travel and leisure has gone up by 60% in June 2022 compared with the first half of June 2021. In the period May to August 2021, attacks in these sectors saw a 73% rise and this year is likely to see a similar spike with one of the key trends being hackers impersonating established brands with phishing attacks, as holidaymakers look for last-minute breaks and late availability travel, hotel and attraction deals.

Here's what a few industry experts had to say on the topic of cybersecurity threats over the holiday weekend:


Jonathan Knudsen, Head of Global Research at the Mountain View-based Synopsys Cybersecurity Research Center

"Historically, holidays are a good time to launch an attack. George Washington famously led his troops in an attack on Christmas day in 1776.  

The holidays are typically a time when staffing is lower and fewer eyes are watching for intruders. Today's ransomware attacks attempt to take advantage, using weekend or holiday time for network infiltration and encrypting or exfiltrating a victim's files. 

Organizations in the US should make sure that monitoring is full strength and staff are available  for incident response as we head into the Fourth of July weekend."


Aaron Turner, CTO, SaaS Protect at Vectra

"A significant majority of cyber attacks now are executed by people with profit motivations. The longer that victims take to respond, the greater likelihood that that the attackers can succeed to maximize their opportunities. While ransomware attacks are the focus today, the trend of attackers exploiting vulnerabilities during holidays is one that has been in place for decades. With IT workers wanting to enjoy a holiday with friends and family, security teams may not be fully staffed, administrators with privileges to stop attackers in their paths may not answer calls or emails as quickly, and those reduced resources and delayed responses result in an advantage for attackers.  

In years past, enemies of the United States have attempted to embarrass US government and military cyber security teams around July 4th. At this time of elevated risk due to the Russia/Ukraine conflict, Russia definitely has motivation to exploit the holiday in some way.

Whether it is a nation/state attack attempting to score a virtual victory against the US or a lowly ransomware operating looking to extract some cryptocurrency from an understaffed company whose IT team is taking some time off for the national holiday, there is surely going to be some cyber attack action this coming holiday weekend."


Matthew Warner, CTO and Co-Founder at Blumira

"Threat actors are opportunistic, and they know that IT and security teams will be limited over holiday weekends. Last year, attackers took advantage of the July 4th holiday by launching a ransomware attack on MSPs and their SMB customers through the Kaseya VSA.  

Before the weekend, organizations should ensure that their systems are fully patched to prevent an attacker from exploiting potential vulnerabilities.

It is always extremely important that organizations focus on detecting the first three steps of a ransomware attack: discovery, gaining a foothold, and escalating privileges. Detection, in addition to being aware as to what data you hold, will allow you to quickly respond to attacks and worst case be sure of post-exploitation handling of a ransomware event."


Phil Neray, Vice President of Cyber Defense Strategy at CardinalOps

"Apart from the usual sage advice on ransomware - make sure you're up-to-date on patching and backups, and have already implemented MFA - I recommend making sure you have 24x7 SOC personnel monitoring your networks for any unauthorized or suspicious activity, so they can quickly shut down an attack before it reaches your crown jewels. Even the most rigorous patching regime can't protect against one of your trusted suppliers being compromised in a supply chain attack or one of your users having their credentials stolen, so rapid detection and response is essential."


John Bambenek, Principal Threat Hunter at Netenrich

"Any time there is an extended holiday, ransomware operators use it as an opportunity to be spiteful and to take advantage of lower staffing levels. Any ransomware group planning to use the Fourth of July is already in the network with the access they need and waiting to strike. Here, automated protection is key, for instance, to prevent PowerShell from being used to deploy malware across an environment when no one is around to raise alarm bells."


Brian Spanswick, CISO, Cohesity

"The FBI and cybersecurity officials have previously issued warnings emphasizing that bad actors often deploy ransomware strikes on holidays and weekends, when offices are normally closed. I wouldn't be surprised if cyber criminals have July 4th circled on their calendars.  As we approach this holiday weekend, it's a great reminder that IT and security leaders must work together to safeguard customer and employee data, and have a data security strategy in place that's not only focused on prevention, but also on protection, detection, and recovery.

Our recent research shows that collaboration between IT and security teams is often sub par.  More than 80 percent of IT and SecOps decision-makers agree their organizations would be better prepared to recover from cyber threats, including ransomware attacks, if these groups collaborated more closely. So, to keep bad actors at bay and help ensure business continuity, including during and after the Independence Day holiday, now is the time to optimize collaboration and prioritize next-gen data management that's inline with the NIST Cyber Security Framework."


George Axberg, VP of Data Protection, VAST Data

"The 4th of July, and other long holiday weekends, are historically some of the biggest windows for ransomware attacks.  The onslaught of ransomware has spawned a ‘digital pandemic' in which any organization can suffer crippling attacks and disastrous outcomes. For many organizations, it's not an ‘if' scenario, but rather a ‘when' or a ‘how often' they will be targeted.

Taking proactive measures to protect and harden backup data, while providing optimized restore speeds, should be among organizations' top priorities in the ransomware era. Tools like VAST's Universal Storage architecture enable fast backup and even faster restores of all data, allowing customers to recover quickly in the event of an attack."


Published Friday, July 01, 2022 7:31 AM by David Marshall
Filed under: ,
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<July 2022>