The holiday season is here, and organizations are facing an increased risk of cyberthreats with a notable focus on the activities of access brokers. These threat actors specialize in gaining and selling unauthorized access to organization accounts by orchestrating social engineering campaigns and exploiting seasonal vulnerabilities. There has been a significant surge in access broker activity, especially towards the end of the year. Cybercriminals are capitalizing on the distracted workforce, reduced staff, and operational changes that are typical during the holiday season.

During the holiday season, cyber-threats intensify, with increased online activities and vulnerabilities. Ransomware, constituting nearly 25 percent of malicious attacks in 2023 with average costs exceeding $5 million, strategically exploits the holiday period, taking advantage of limited IT support for impactful network exploitation and ransomware propagation.

Access brokers are a notable threat during this season and actively participate in sophisticated social engineering campaigns, exploiting vulnerabilities, and orchestrating well-crafted attacks. Phishing escalates, creating a surge in promotional emails and mimicking seasonal content, such as order and tracking emails, charity requests, and holiday event messages. Spear-phishing campaigns see a notable uptick as well, boasting an average click-through rate of 11 percent.

Concurrently, Distributed Denial of Service (DDoS) attacks proliferate, with approximately 7.9 million incidents recorded globally in the first half of 2023, marking a 31 percent increase from the previous year. These attacks strategically target eCommerce businesses and financial institutions during holiday peaks, aiming to disrupt operations in industries experiencing a surge in internet traffic.