A few tips on staying cyber safe over the holiday season

Year-End Slowdown Doesn’t Stop Cybercriminals

Staying safe over the holidays

As the end of the year approaches, many organisations wind down, shift to reduced staffing levels, or close entirely for a few days. Sadly, cyber criminals don’t. Seasonal lulls are the perfect opening for opportunistic cyber activity. At this time of year, with fewer people on call, slower response times, and employees who may be distracted by all the festive fun, SMEs in particular look like more tempting targets than ever.

A little preparation before everyone heads off for their well-earned break can dramatically reduce the risks, and make life a lot less stressful if something should happen.

Staying vigilant

Treat seasonal messages with scepticism

Every year brings a fresh surge of holiday-themed phishing: fake parcel tracking links, charity appeals, gift card promotions, Christmas bonus notices, and spoofed invoices. Encourage your teams to pause before clicking, even if a message appears to have come from a colleague or trusted supplier.

Double-check financial or account-change requests

The threat posed by business email compromise is especially severe during busy periods, when approvals may be rushed. The golden rule applies more than ever now: use a separate trusted channel to verify any request involving payments, bank details or user access changes.

Keep personal and work activity separate

Remind your staff to avoid mixing personal shopping, streaming or downloads with corporate devices. It’s also important to encourage them not to log into corporate systems from unsecured personal devices over the holiday break.

Review accounts before you close the year

Disable or delete dormant accounts, remove access for recent leavers, and ensure temporary project permissions are revoked. Quiet periods are a favourite time for attackers looking to exploit overlooked access vulnerabilities.

Make sure everyone knows who to call

If something should go wrong, the worst-case scenario is uncertainty. Circulate a simple escalation path detailing who handles what, and how they can be reached out of hours. That way no one wastes precious time wondering what to do.

Strengthen protections before you switch off

Take a clean offline backup

And make sure it’s usable! Backups that live permanently on the network are at risk of encryption or deletion during a ransomware attack. A tested offline copy is one of your strongest safety nets.

Reduce the number of open doors

Turn off VPNs, remote access tools, and internet-facing services that you won’t need over the festive break. Even a short period of reduced exposure can make a meaningful difference.

Power down anything you can

If your business operations allow, shut down desktops, lab machines, servers and NAS devices. Fewer running systems means fewer potential entry points.

Keep detection switched on

Make sure alerting is working - and monitored

One of the most common issues we see is EDR or XDR alerts firing over the holidays, with no one available to act on them. Be sure alerts route to a monitored mailbox, device or partner. If your provider offers festive-period coverage, make sure it’s enabled and tested.

Run a quick health check on logging and monitoring

Make sure your log storage isn’t full, your sensors are online, and nothing has silently failed. A few minutes of checking now can prevent many hours of post-holiday forensics.

A safer year-end is good for everyone

You can’t count on cyber criminals to put their feet up over the holidays. But, by following simple practical rules like those above, you can head into your end-of-year break with confidence. A bit of preparation now means fewer interruptions, less risk of a very non-festive cyber nightmare, and a much calmer return to work.

Stay safe, stay secure, and enjoy a peaceful and restorative break.