Just a week before Thanksgiving, shoppers at a Stop & Shop store in Massachusetts was forced to leave empty-handed after a cyber attack on the supermarket chain’s parent company caused a shortage of stock.
Parent company Ahold Delhaize said in a statement earlier this month that it had alerted law enforcement to the cyber breach and had taken some of its systems offline. “While there is some limited inventory for certain products, we are working to re-stock our shelves and anticipate the availability of items to continue to increase over the next few days,” the company said. But the incident may be a sign of things to come during the holiday season, when the cybersecurity crisis will be at its peak.
Already this year, corporate giants like AT&T, Ticket maker and United Health has suffered a crippling cyber attack, and now, businesses are preparing for the holidays, a time when many cyber security operations rely on skeleton staff. But the FBI and the Department of Homeland Security danger that there is no time for him to take a “cyber vacation.”
The vast majority of ransomware attacks that disrupted businesses and organizations last year – 86% – occurred on weekends or holidays, according to a new global study of 900 IT and security professionals released this week by cybersecurity firm Semperis. But the researchers also found that 85% of the organizations they surveyed – 90% in the US – cut their security staff by 50% over the same period.
“This study will say that we didn’t make a wise choice,” former White House “cyber czar” and Semperis strategic adviser Chris Inglis told CBS News. “If you realize that most of these attacks happen on holidays and weekends and you reduce manning, you eliminate the opportunity to have parity with the enemy,” Inglis said. He added, “It’s an advantage for the striker, because he doesn’t take a day off.
According to the report, organizations consistently overestimate their defenses, with 81% of respondents reporting that they believe they have the expertise needed to protect their digital identity from threats. However, 83% of participants suffered a successful ransomware attack in the past year.
Organizations start to feel more vulnerable during the holidays, but Inglis suggests consumers should also be vigilant. Technologies like smart phones and tablets are now cheaper and almost everywhere, but security measures are not taken.
“We haven’t made the necessary investments to make these technologies — or these technology systems — defensible and well-defended,” he said.
According to the survey, mergers, acquisitions, stock launches or layoffs also function as “magnets” for ransomware attacks, with the majority of respondents – 63% – also experiencing a cyber attack after what is known as a “material corporate event.”
With financial executives predicting that President Donald Trump’s return to the White House could lead to a wave of bank mergers and acquisitions, cybersecurity experts worry that cybercriminals will be able to take advantage of the “moment of disruption.”
“Our enemies – be they criminals or foreigners, rogue nations – are testing the waters every day. They know that attention goes up and down,” Inglis said. “When there’s a merger or a transition of administration, it’s a time of disruption. So we can expect him to do what he’s always done. It’s time.”
In February, UnitedHealth Group suffered the biggest hack in US healthcare history after its acquisition of Change Healthcare meant it was handed over outdated technologywith digital systems that have not been secured with multi-factor authentication.
Beyond the anticipated attacks on big bank deals, changes in the administration – regardless of politics – have historically persuaded foreign adversaries to test the defense of the new leadership in Washington. In 2021, President Joe Biden took the fallout from a sophisticated Russian cyber attack that targeted Texas software maker SolarWinds and previously breached approximately 100 top US companies and a dozen government agencies.
In June 2017, the Russian military launched the devastating ‘NotPetya’ cyber attack during Trump’s first year in office, releasing a virus that damaged parts of Ukraine’s infrastructure and crippled computer systems around the world, amounting to billions of damages.
Security staffing also remains a widespread challenge across the industry, with only 85% of organizations maintaining a 24-hour Security Operations Center, according to Semperis, and staffing challenges caused by higher overtime costs when most employees are out of the office. around the holidays.
Contributing to the woes of cybersecurity staff, worldwide cybersecurity workforce growth has been flat for the first time since 2019. With growth of just 0.1% year-on-year in 2024, budget cuts, layoffs and hiring freezes have exacerbated the global staffing shortage of cybersecurity professionals, according to a new report released by ISC2.
The former US national cyber director said he was often asked what kept him awake at night. “It’s not the attackers, the Russians, the Chinese or any ransomware actors. It’s us,” Inglis said. “Sometimes it’s complacency and proactive ambivalence on our part that actually, I think, is more defining of our future.”