Vacation season leaves APAC firms vulnerable to cyberattack

Businesses in Asia-Pacific could find themselves vulnerable to attack during the vacation months, according to Barracuda, which analysed the latest threat insight from its Advanced XDR Platform and 24/7 Security Operations Centre, 

The firm saw a rise in the severity of threats in 2022 during the months when employees tend to book their vacations.

While the volume, nature, and intensity of cyberthreats targeting organisations varies over time, Barracuda saw a spike in attacks to 1.4 million in January 2022, when employees are finishing their New Year break or taking time off for Chinese New Year. 

After this, the number dips by just under three quarters (71.4%.), before spiking again by 1.4 million in June, followed by a gradual decline through July and August, when employees are returning from their summer vacations.

Attacks included successful Microsoft 365 logins from a suspicious country, including Russia, Iran, China and Nigeria. Barracuda classifies these attacks as “high risk” because they offer intruders potential access to all connected and integrated assets the target has stored on the platform. 

Also, 40% of these attacks took place during the 90-day window between June and the end of September, which researchers believe correlates with the summer vacation period.

Other attacks were classified as “medium risk” including malicious communication attacks (15%), where criminals attempt to send a malicious communication from a device within the network to a website or known command-and-control server, and Brute Force user authentication attempts (10%), where automated attacks try to penetrate an organisation’s defences by running as many name/password combinations as they can.

Mark Lukie, Barracuda’s director of solution architects in APAC, said cyberattackers are targeting companies and IT security teams when they are likely to be under-resourced — on weekends, overnight, or during a holiday season, such as Christmas and New Year, Chinese New Year, as well as the summer vacation period, and other festive periods, like Diwali. 

Barracuda recommends that businesses enable Multifactor Authentication (MFA) across all applications and systems and ensure that they have a robust security solution in place to provide email and endpoint protection and response (EDR), and a watertight 24/7 Security Operations Centre (SOC) to monitor, detect, and respond to these cyberthreats.

“Having the right solutions in place is crucial, and as we head towards another holiday period, it’s imperative that businesses across the Asia- Pacific region remain vigilant and don’t forget to back up their data and critical systems,” said Lukie.