Insight – Holiday Threat Awareness 2023

Dec 1, 2023

Amidst the hustle and bustle of holiday preparations and last-minute shopping, cybercriminals often take advantage of the increased online activity and the spending complacency of individuals and businesses. Can you imagine the chaos if cybercriminals successfully targeted popular retail outlets, major airlines, or shipping companies? Those retail outlets could have issues processing sales and fulfilling their orders, airlines could cease operations, and shipping companies could miss delivering gifts in time for the holidays. Invariably, such an attack would leave customers stranded and angry, and the affected companies would be left with no option other than to give in to the cybercriminals' ransom demands to bring their systems back online. With so much riding on the holiday season, it is crucial that we ensure the security of our digital assets and safeguard our organizations against potential cyber threats.

You may be wondering how likely it is that we’ll see a major cyber incident affecting considerable portions of the general public this December. The answer: very likely. Consider the fact that we have seen a major cyber-related incident each December for the last three years. Recalling the events from last December (2022), notable cybersecurity incidents affected Uber, Okta, and LastPass:

  • Uber: The rideshare company experienced a high-profile data leak during which sensitive employee and company data were exposed. Attackers compromised an AWS cloud server used by a third-party vendor that provides asset management and tracking services.
  • Okta: The identity and access management company faced a cybersecurity incident where a hacker accessed its source code following a breach of its GitHub repositories. Once Okta identified the issue, it placed temporary access restrictions on the repositories and suspended all GitHub integrations with third-party applications. Fortunately, no customer data was impacted by this breach.
  • LastPass: The password and identity management company encountered two distinct cybersecurity incidents. The first involved a threat actor targeting a software engineer’s company laptop, providing unauthorized access to a cloud-based development environment. The access allowed the cyber threat actor to steal source code, technical information, and internal system secrets. The second incident featured a cyber threat actor targeting a senior DevOps engineer by exploiting vulnerable third-party software. The accessed data included system configuration data, API secrets, third-party integration secrets, and encrypted and unencrypted LastPass customer data. 

In December 2021, the discovery of the Log4Shell vulnerability sent shockwaves through the digital landscape. The widespread and critical vulnerability in the Apache Log4j library exposed countless systems to potential exploitation. The vulnerability, officially tracked as CVE-2021-44228 and known as Log4Shell, allowed attackers to execute arbitrary code remotely, posing a severe threat to the security of various software applications and systems globally.

Another notable cyber attack was the 2020 hack of the software company SolarWinds. That attack led to one of the biggest breaches of the 21st century, underscoring the sophisticated nature of modern cyber threats. The supply chain attack targeted the SolarWinds Orion platform, compromising software updates distributed to thousands of organizations. Through those updates, the attackers infiltrated numerous government agencies and private companies.

While it is nearly impossible to predict exactly what cyber threat actors will do this holiday season, we know that maintaining vigilance is crucial for ensuring the security of your systems and networks. Cyber vigilance is also paramount to safeguarding your personal and financial information, as increased online activities and festive shopping create opportunities for cyber threats and scams. Adopting an autonomous approach to proactively finding, fixing, and verifying your exploitable vulnerabilities should be the first line of defense in safeguarding your organization from cyber threats. It can also save your security team valuable time. By incorporating a continuous penetration testing cadence, you will get prompt results to fix what matters most while ensuring timely mitigations and verifications, providing you and your organization with the much-needed time to kick back and enjoy the holidays!
