Cybercriminals don’t rest

OptimumTICan organization dedicated to improving the management and use of Information and Communication Technologies (ICT) under cybersecurity governance, warns of an increase in cyberattacks during the summer months. While many employees are enjoying their free time, cybercriminals are stepping up their malicious activities, exploiting vulnerabilities in corporate and personal systems.

Vulnerabilities during holiday periods

During the holidays, it’s common for businesses to operate with reduced staff, which can lead to less oversight of security measures and slower response to incidents. Additionally, employees accessing corporate networks from remote locations may do so using insecure connections, thus opening new doors to attackers.

OptimumTIC is an organization dedicated to improving the management and use of Information and Communication Technologies (ICT) under the Cybersecurity Government

Main threats during the summer

• Phishing and spear phishing: Cybercriminals send fraudulent emails that appear to come from trusted sources, tricking users into revealing sensitive information.

• Vishing: Vishing (or voice phishing) is a fraud carried out via a telephone call with the aim of obtaining the user’s personal data. To obtain this information, the adversaries usually impersonate a third party.

• Ransomware: Data kidnapping remains one of the most lucrative tactics, with attacks that encrypt information and demand a ransom to release it.

• Mobile device attacks: Mobile phones and tablets, used more frequently during the holidays, are attractive targets for attackers who

They seek to steal personal or corporate information.

• VPN vulnerabilities: Virtual private network (VPN) connections can be vulnerable if not properly configured or updated.

During the holidays, it is common for businesses to operate with reduced staff, which can lead to less oversight of security measures and slower response to incidents.

Recommendations from OptimumTIC

To mitigate these risks, OptimumTIC recommends to organizations and

individuals follow a series of good cybersecurity practices:

• Constant updating: ensure that all systems, equipment, devices, and applications are updated with the latest patches or security versions.

• Education and awareness: training employees on cybersecurity risks and how to identify potential threats, from their own use of technologies, networks, web access, privacy, data security…

• Secure access: Use secure connections and trusted VPNs to access corporate networks from remote locations.

• Monitoring and response: Maintain continuous monitoring of networks and have a well-defined incident response plan.

• Multi-factor authentication: Implement multi-factor authentication to add an additional layer of security to access.

• Use strong passwords: For each online account, we recommend using unique passwords with more than 20 characters containing uppercase and lowercase letters, numbers, and symbols. Since remembering these passwords can be a difficult task, you can use a password manager, a program used to securely store many credentials. This way, you will only need to remember the password used to access said program.

Digital security should not take a break during the summer. OptimumTIC urges companies and users to apply cross-cutting cybersecurity measures, both technical and regulatory, constant training, and legal under legislative regulations, and above all to remain vigilant and proactive to protect against cyber threats or social engineering scams caused by the theft of massive amounts of data from large organizations that have been obtained through networks. Prevention and preparation are key to maintaining security at any time of the year.