Incident Response, TDR

Cybercrime expected to ramp up during holiday season

With the holiday season just weeks away, cybercriminals are beginning to shift their efforts into high gear, security vendors are warning.

Vendors have forecast that cybercriminal activity will hit an all-time high sometime around Thanksgiving and will remain high throughout the holiday season.

The Monday after Thanksgiving is referred to as “Cyber Monday.” It's the “Black Friday” of the cyber world -- that is, one of the biggest online shopping days of the year.

Security vendor PC Tools analyzed threats to more than 500,000 computer users. Last year, it saw an increase in cyberattacks starting in mid-October and a peak the Monday before Thanksgiving. If the pattern holds true, the most dangerous online shopping day of the year will to be Nov. 24, the Monday before Thanksgiving, Michael Greene, vice president, PC Tools, told on Monday.

Based on PC Tools' research, during the Monday before Thanksgiving of 2007, users were targeted with six times more spyware than average, Greene said.

“Malware writers know that people are going online shopping and making online purchases,” Greene said. “They are trying to get their stuff on the computer before the digital Black Friday starts. It doesn't make sense to get on after that day.”

Security vendor Webroot Software reported an 87 percent increase in malicious URLs from October through December 2007 compared to earlier in the year.

During the last three months of last year, Webroot saw an increase in a wide variety of cyberthreats including malware, keyloggers, trojan downloaders and backdoor trojans, Paul Piccard, director, threat research at Webroot, told on Monday. 

Enterprises should be aware of the dangers of the increase in cyberthreats during the holiday season, said Piccard.

“Enterprises have far more machines and end users, and have far more exposure to security threats because of that,” he said.

Businesses can take a number of steps during the holiday season. It's important to ensure all machines are patched and up to date, including all perimeter devices, Piccard said. Also, enterprises should ensure they have up-to-date malware protection on desktops and that they are effectively filtering spam and unwanted emails.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.