Downtime for defenders means party time for attackers

Adversaries do not keep to a typical working schedule


As 2023 draws to a close, cybersecurity teams may be looking forward to a well-deserved break before preparing for the year ahead.

However, the unfortunate truth is that adversaries do not keep to a typical working schedule and may see this downtime as an opportunity to attack.

Indeed, according to recent research by Sophos, payloads are typically launched outside of business hours, with many threat groups favouring evenings and weekends to launch attacks, and some coordinating activities to coincide with public holidays.

In addition, attackers are spending less time in networks, and are exfiltrating data faster than ever. Cybersecurity teams must therefore be ready to close the window quickly, stopping adversaries in their tracks.

Teams can't afford to take their eye off the ball, but they are only human. Over holiday periods and downtime, attackers have a greater chance of infiltrating networks, and once they are in, chances are they will steal data. This is why managed detection and response is an essential part of your security arsenal and why round-the-clock monitoring is needed to ensure adversaries do not take advantage of gaps in visibility.

A live webinar next week will look at how adversaries time their activities, and why the holidays may leave organisations especially vulnerable. Based on Computing's research, it will also explore why continuous, proactive monitoring and early detection are essential for organisations of all sizes.

And finally, it will look to the year ahead and what organisations should be doing to prepare for future threats.

Come along and bring your questions. We promise it will be time well spent.

Webinar Beyond the 9 to 5: How to protect yourself from 'after hours' cyber attacks, 6th December, 3pm. Register today.

 
