Cyber Halloween – Just take the treat, but do not get tricked

Cyber Halloween is just around the corner, and you can already sense the spookiness in the air. But this month is not all about Halloween, tricks, and treats; it is also about cybersecurity awareness. Most people might think, what do Halloween and Cybersecurity have in common? Halloween is all about scary stories, and we can all agree that all hacking stories we have heard so far are more than terrifying. The sole factor that makes this case so frightening is that all of them are real and could be happening to us.

The number of cyber-attacks, especially ransomware attacks, has increased enormously, and it seems that these numbers are only going up. All the statistics for the first two quarters of this year are in scary numbers. We are now numbering over 9.1 million data breaches experienced by internet users worldwide. And during the spooky season of October, the number tends to go a little higher. Since this is a time when e-commerce has a bounce in sales, and all users refer to online websites, the risk of getting exposed to such danger increases highly. We could be facing data breaches, information system corruption, and even business interruption. Unfortunately, these attacks and more are widespread, and the possibility of them happening to us is pretty strong.

The scary tales from past Halloweens – How scary can it get?

The frightening truth is that data breaches are widespread and happen to companies of all sizes. In the last year, many major brands have experienced their scary security crisis’, including LinkedIn, T-Mobile, and Audi. For example, last year, on June 2021, more than 700 million user data were breached from LinkedIn and exposed on the dark web by a user called the God User, who even bragged about the data exposure.

But data breaches are not the only thing to watch out for; during this time, organizations and companies need to be on alert. A cyber attack that happened a year ago during Halloween was a ransomware attack that targeted a candy factory. Candy is one of the main treats circulating during Halloween; the industry pulls in a whopping $4.6 billion of its $36 billion in yearly sales. And, of course, the perfect time to get hit by ransomware would be during the Halloween season. The Ferrara Candy Co, based in Chicago, was the victim of this fatal attack a year ago, which led to production disruption that resulted in a significant shortage of classic candies. Fortunately, Ferrara says that most of its Halloween shipments had already been sent out before the incident.

Cybersecurity Halloween
top 3 security trends. Credits to FinancesOnline

Tricking the attackers by having an excellent cyber defensive treat

With an increase in cyber-attackers seeking to penetrate secure networks through “backdoors,” it is essential that organizations continue to add to their cybersecurity arsenal. A comprehensive cybersecurity defense should include prevention techniques, visibility, and early detection. Here are some sweet suggestions from us to not get tricked during this year’s Halloween season.

A multi-layered cyber security strategy is critical. Multi-factor authentication is a fa-boo-lous way to add an extra layer of protection to your passwords. This means that, even if cyber criminals do obtain your login details, they cannot log in to your accounts without another means of verification. Adding more security layers will help confirm a person’s identity and keep the blood-sucking hackers out.

Password managing. There are a lot of password-managing tools out there (some of them for free) that do a great job at managing our multiple passwords and encrypting them to keep them safe from hackers’ intentions. Once you’ve set up your account with a password manager, you’ll be able to log in to all your other accounts automatically without needing to remember each password. This enables you to create long, complex passwords without worrying about forgetting them.

Nonstop monitoring, even outside your perimeter. What I mean by this is always to look at what is going on in dark or underground communities, such as the dark web. Dark web monitoring means continually searching the dark web to be on the lookout for any of your details or sensitive data getting exposed since they can be sold to cyber criminals who can use them maliciously to launch a cyber-attack.

You are preparing for the ‘battle.’ One of the most significant weaknesses in a business is often the naivety of its employees. Suppose your team needs to identify a security risk quickly. In that case, they could end up putting your passwords, sensitive data, and business at risk. Cyber awareness training should be a periodic event, not only for the season holiday. By doing cyber awareness training, you can teach employees how to identify and combat security threats.

So overall, it shouldn’t come as a surprise that cyber criminals will increase their level of attacks. Hackers spend this time snooping around the victim’s network, looking for sensitive information to snatch or other vulnerable systems to compromise. Months can sometimes occur between the initial breach and the launch of a full-blown attack. What we have to do is to be prepared to face these attacks coming our way. This year don’t just dress up and get ready to party or go for treats, but also wear your amour of knowledge and protect yourself from any cyber risks and attacks that may lurk their way in your direction.

Kristi Shehu is a Cyber Security Engineer (Application Security) and Cyber Journalist based in Albania. She lives and breathes technology, specializing in crafting content on cyber news and the latest security trends, all through the eyes of a cyber professional. Kristi is passionate about sharing her thoughts and opinions on the exciting world of cyber security, from breakthrough emerging technologies to dynamic startups across the globe.