Why Ransomware Hackers Love Holidays

Just a week before the three-day Labour Day weekend, the FBI issued a warning alerting citizens to be cautious about ransomware attacks. The advisory cited incidents to show that some of the most successful cyberattacks occur during holidays.

Just take a look at the past few months: May saw two significant ransomware attacks over holidays, during Mother’s Day and the Memorial Day weekend. The former, which is suspected to be associated with DarkSide, paralysed an infrastructure entity in the energy sector, leading to extortion and a week-long halt in operations. On the Friday heading into Memorial Day weekend, the Food and Agricultural Sector was hit and suffered a complete production shutdown.

It’s easy to say: hackers seem to love holidays. A set of days with everyone out enjoying time with their families and being offline? They probably won’t even realise they have been hacked until a few days later. Hackers have been around for years, and holiday hacking isn’t a new trend. The FBI’s warning sure makes it a serious one.


According to the cyber-risk insurance company Coalition, an increasing number of attacks are carried out using a banking trojan, Trickbot, that installs ransomware. As of July 2019, Trickbot is estimated to have harvested over 250 million IDs and passwords from users opening an attachment or clicking a link.

Ransomware – the Monster in your Closet

Trickbot first enters a company network when employees open an infected email attachment or click a malicious link from an unreliable source. It goes on to hijack the user’s email account and send the same malicious documents and links to the user’s entire contact list, spreading as fast as possible through email. Next, the malware secretly installs a program on the infected computers and connects them back to a “command and control” centre that the hackers fully control, which in turn gives them control of the computers. They can then use this access to install ransomware, read email, or steal the users’ personal and banking information. Finally, when all the preparations have been completed, the hackers spring the trap and activate the ransomware.
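The self-mailing step described above is one of the few stages that shows up in mail-gateway logs. The sketch below is an added example, not code from the article or from the FBI/CISA guidance; the record format, thresholds, attachment identifiers and holiday calendar are assumptions, and the sample records are constructed.

```python
from collections import defaultdict
from datetime import date, datetime, timedelta

HOLIDAYS = {date(2021, 9, 6)}  # assumption: a site-maintained holiday calendar

def sample_records():
    """Constructed mail-gateway records: (time, sender, recipient, attachment id)."""
    sat = datetime(2021, 9, 4, 2, 10)   # Saturday of a holiday weekend
    tue = datetime(2021, 9, 7, 9, 0)    # ordinary working day
    rows = [(sat + timedelta(seconds=30 * i), "alice@example.com",
             f"contact{i}@example.com", "att-1") for i in range(6)]
    rows += [(tue + timedelta(hours=i), "dave@example.com",
              f"client{i}@example.com", "att-2") for i in range(6)]
    rows += [(tue, "carol@example.com", f"peer{i}@example.com", "att-3")
             for i in range(2)]
    return rows

def find_fanout(records, min_recipients=5, window=timedelta(minutes=10)):
    """Flag senders who mail one attachment to many distinct recipients quickly."""
    groups = defaultdict(list)
    for ts, sender, rcpt, att in records:
        groups[(sender, att)].append((ts, rcpt))
    alerts = []
    for (sender, att), events in sorted(groups.items()):
        events.sort()
        best, best_start, start = 0, None, 0
        for end in range(len(events)):
            # Shrink the window until it spans at most `window` of time.
            while events[end][0] - events[start][0] > window:
                start += 1
            count = len({r for _, r in events[start:end + 1]})
            if count > best:
                best, best_start = count, events[start][0]
        if best >= min_recipients:
            # Bursts on weekends or holidays land when nobody is watching.
            unstaffed = best_start.weekday() >= 5 or best_start.date() in HOLIDAYS
            alerts.append({"sender": sender, "attachment": att, "recipients": best,
                           "first_seen": best_start, "unstaffed": unstaffed})
    return alerts

if __name__ == "__main__":
    for alert in find_fanout(sample_records()):
        print(alert)
```

Alerts with `unstaffed` set are the ones worth routing to an on-call pager rather than a Monday-morning queue.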

Ransomware takes time to disseminate throughout a network, and hackers have maximum control over most systems. The holiday distraction means people won’t notice the intrusion quickly, giving the culprits more time to do all the damage they can fit in. It also means that people will be slow to deal with it, since maintaining security is more challenging over a holiday than on any working day.

How dangerous is it?

The July 2 ransomware attacks on US cybersecurity are attributed to the REvil gang, a major Russian-speaking ransomware syndicate. In fact, according to cybersecurity researchers, the campaign, which targeted customers of Kaseya, could be one of the broadest ransomware attacks on record. The attack affected thousands of victims in at least 17 countries, with ransom demands between $45,000 and $5 million.

Unfortunately, many victims were busy celebrating the weekend by the poolside and did not even realise they had been hit until things reopened on July 5 or 6.

According to the FBI’s Internet Crime Complaint Center (IC3), 2020 saw a record 791,790 complaints about internet crimes, with reported losses exceeding $4.1 billion. This is a 69 per cent rise from complaints in 2019. In fact, 2,474 of the IC3 reports concerned malware, a 20 per cent increase from 2019.

How to run from it

Preparation against potential virus attacks works like a vaccine. The point isn’t to start on prevention one day before a holiday: chances are the malware has already been installed on your computer, ready to strike during your Sunday brunch. Instead, you have to prepare your defences well before the ransomware hits.

In most cybersecurity circumstances, the FBI and CISA’s guidelines are the best practices:

  • Don’t click on suspicious links.
  • Make an offline backup of your data. 
  • Use strong passwords to secure your user accounts.
  • Make sure your software is up to date, and scan it for vulnerabilities.
  • Use two-factor authentication. 
  • If you use Remote Desktop Protocol or other well-known risky servers, proceed with caution.

Lastly, don’t forget to check up on your computer even during holidays. Remember, holidays, though preferred, aren’t the only time for ransomware attacks. So make sure to keep your digital life as safe and protected as your personal life!

Avi Gopani
Avi Gopani is a technology journalist that seeks to analyse industry trends and developments from an interdisciplinary perspective at Analytics India Magazine. Her articles chronicle cultural, political and social stories that are curated with a focus on the evolving technologies of artificial intelligence and data analytics.
