Downtime for defenders means party time for attackers

Adversaries do not keep to a typical working schedule

As 2023 draws to a close, cybersecurity teams may be looking forward to a well-deserved break before preparing for the year ahead.

However, the unfortunate truth is that adversaries do not keep to a typical working schedule and may see this downtime as an opportunity to attack.

Indeed, according to recent research by Sophos, payloads are typically launched outside of business hours, with many threat groups favouring evenings and weekend to launch attacks, and some coordinating activities to coincide with public holidays.

In addition, attackers are spending less time in networks, and are exfiltrating data faster than ever. Cybersecurity teams must therefore be ready to close the window quickly, stopping adversaries in their tracks.

Teams can't afford to take their eye off the ball, but they are only human. Over holiday periods and downtime, attackers have a greater chance of infiltrating networks, and once they are in, chances are they will steal data. This is why managed detection and response is an essential part of your security arsenal and why round-the-clock monitoring is needed to ensure adversaries do not take advantage of gaps in visibility.

A live webinar next week will look at how adversaries time their activities, and why the holidays may leave organisations especially vulnerable. Based on Computing's research, it will also explore why continuous, proactive monitoring and early detection is essential for organisations of all size.

And finally, it will look to the year ahead and what organisations should be doing to prepare for future threats.

Came along and bring your questions. We promise it will be time well spent.

Webinar Beyond the 9 to 5: How to protect yourself from 'after hours' cyber attacks, 6th December, 3pm. Register today.