Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

7/11/2019
12:01 PM
50%
50%

Summer: A Time for Vacations & Cyberattacks?

About a third of cybersecurity professionals believe that their companies see more cyberattacks during the summer, but the survey data does not convince on the reasons for the perception of a summer bump.

Ah, summer. Sweltering days, family vacations, the annual Black Hat and DEFCON conferences, and — more cyberattacks?

In a survey published on July 11, security firm Lastline found that 58% of security professionals believe there is some seasonality in the attacks on their company, and the majority of that portion — about 52% — peg summer as the prime time for breaches. Both phishing and malware attacks are more likely to be encountered during the summer months, according to the survey of 1,000 security professionals, with 47% and 44% of respondents seeing more of each of those attacks, respectively.

The results are interesting and should raise questions for companies, says John DiLullo, CEO of Lastline.

"I don't claim to know what is going on in the cybercriminal's mind, but there is some logic to saying that I may get a higher return on my effort during the summer months, especially when my efforts are aimed at individuals," he says.

The timing of cyberattacks have been an occasional topic of researchers' investigation. 

A study of 850 attacks in 2017 and 2018 against UK universities found that the attacks often corresponded to the times of the year when students were at school, suggesting that many of the attacks may be initiated by students. The study, by the Joint Information Systems Committee (JISC), found that attacks dropped off significantly during the summer, dropping from an average of one attack a week during the summer months, from up to 60 a week in the fall.

Yet, the feeling among security professionals that summer is high time for sun and cyberattacks persists. A 2017 blog post by former security firm Secdo, bought by Palo Alto Networks in 2018, also argued that summer, with lower staff counts and workers connecting to unsecure Wi-Fi, continues to endanger corporate networks.

"Summer is an opportunity for hackers to take advantage of less staff on call and increased remote access combined with possible ignorance when it comes to the use of public Wi-Fi and mobile network security," the company stated in an archived blog post.

Lastline's survey sheds some light on security professionals' perceptions of the summer bump in cyberattacks. A third of respondents blamed remote working for the increase in seasonal threats, with the largest portion of security professionals — 68% — most worried about employees connecting to unsecured public Wi-Fi hotspots. Other major worries include workers clicking on phishing emails or interacting with spearphishing attacks, leaving their computers unlocked in public locations, and using unapproved applications, according to the report

"When people are working from home or working remotely, there is a dynamic that happens that — because they are not behind that perimeter in their office, are working with public Wi-Fi providers and on personal devices — you perhaps don't have as much endpoint protection as in the office," DiLullo says.

The other common perception is that a shortage in staffing leads to a slower response time. With security staff on vacation, many companies assume that response time would be slowed. Yet Lastline's survey found the opposite — more security professionals felt that they would respond more quickly to cyberattacks during summer months. In fact, 36% of respondents thought their response to an incident is faster in the summer than other times during the year. Almost half of respondents thought it would be unchanged, and only 12% thought they would be slower.

Companies should still work to speed their response, says Lastline's DiLullo. 

"If you don't have the response process automated, and if you find yourself down 20% of your resources, you can imagine the impact that might have on your capability," he says.

Whether the perceived summer bump is supported by other data and what is behind any actual increase in attacks during the summer is unclear. In addition, the survey is not without its inconsistencies. While 53% of respondents initially answered that they did see a seasonal change, a later question — on whether they thought it was due to remote work — suggests that 74% assume there is a seasonal increase in attacks.

Lastline's DiLullo acknowledges that the survey raises more questions than it answers.

"I think it is impossible to know exactly what is at the root of this," he says. "Even the respondents didn't necessarily cite hard evidence."

Related Content

 

Black Hat USA returns to Las Vegas with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions and service providers in the Business Hall. Click for information on the conference and to register.

Veteran technology journalist of more than 20 years. Former research engineer. Written for more than two dozen publications, including CNET News.com, Dark Reading, MIT's Technology Review, Popular Science, and Wired News. Five awards for journalism, including Best Deadline ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
GiovanniV931
50%
50%
GiovanniV931,
User Rank: Author
7/14/2019 | 2:56:45 PM
Cybercrime does not sleep?
I think that cybercriminal perceive the key role that humans play in breach detection, and, therefore feel that the probability of being detected might decrease during summer month...
HackerOne Drops Mobile Voting App Vendor Voatz
Dark Reading Staff 3/30/2020
Limited-Time Free Offers to Secure the Enterprise Amid COVID-19
Curtis Franklin Jr., Senior Editor at Dark Reading,  3/31/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
State of Cybersecurity Incident Response
State of Cybersecurity Incident Response
Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and respond to security incidents. Read this report to find out more.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-5347
PUBLISHED: 2020-04-04
Dell EMC Isilon OneFS versions 8.2.2 and earlier contain a denial of service vulnerability. SmartConnect had an error condition that may be triggered to loop, using CPU and potentially preventing other SmartConnect DNS responses.
CVE-2020-5348
PUBLISHED: 2020-04-04
Dell Latitude 7202 Rugged Tablet BIOS versions prior to A28 contain a UAF vulnerability in EFI_BOOT_SERVICES in system management mode. A local unauthenticated attacker may exploit this vulnerability by overwriting the EFI_BOOT_SERVICES structure to execute arbitrary code in system management mode.
CVE-2020-8142
PUBLISHED: 2020-04-03
A security restriction bypass vulnerability has been discovered in Revive Adserver version < 5.0.5 by HackerOne user hoangn144. Revive Adserver, like many other applications, requires the logged in user to type the current password in order to change the e-mail address or the password. It was how...
CVE-2020-8143
PUBLISHED: 2020-04-03
An Open Redirect vulnerability was discovered in Revive Adserver version < 5.0.5 and reported by HackerOne user hoangn144. A remote attacker could trick logged-in users to open a specifically crafted link and have them redirected to any destination.The CSRF protection of the “/...
CVE-2020-8147
PUBLISHED: 2020-04-03
Flaw in input validation in npm package utils-extend version 1.0.8 and earlier may allow prototype pollution attack that may result in remote code execution or denial of service of applications using utils-extend.