The seasonality of Cyber Crime

Ransomware is now seasonal


“And how your educational year starts?”

Recently, we’ve seen two high profile attacks on two UK based universities. Both attacks bearing hallmarks of ransomware, with one being claimed by DoppelPaymer.

I recently read an article about general crime being seasonal, the same appears to be apparent with the cyber space. We can see in the below screenshot, the DoppelPaymer gang highlighting the crucial time of the year for the university to be facing such issues.

Ransomware attacks; our weekly occurance at the moment, just as common as phishing, has now become ‘seasonal’.

Seasonal Phishing

Phishing comes and goes — Christmas time, a rise in scams towards online consumers. Tax return time, a rise in tax related scams. At an enterprise level, you might also see a rise in phishing attacks related to your Key Business Events that are public knowledge, threat actors attempting to masquerade as supplier, for example.

Mitigation is calendar based

… Patch Tuesday! The irony is that, our implementation of mitigation has been equally seasonal with Patch Tuesday being scheduled for the second Tuesday of every month…

Tactical Mitigations — Security isn’t just for Xmas…

Though security should be 24/7, not just seasonal, our increased vigilance can definitely be adjusted to our key business events and key times of the year.

At any layer of security, vigilance can be implemented; Increased monitoring in the SOC, more scrutiny of physical security controls, a change in auditing activities, a review of threat intelligence.

Consider your vigilance levels, how you can monitor your vigilance and map this to your risk around the time of a year for the enterprise…




Twitter: @mikecybersec

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Equifax caught stealing legal rights from victims of the Equifax breach


{UPDATE} Crystalux.New Discovery - juego gratis y nuevo Hack Free Resources Generator

Decentralized Medicine

{UPDATE} Ladbrokes Poker Hack Free Resources Generator

GDPR Compliance: Everything Recruiters Need to Know

iOS 15 Password Manager will feature Multi-Factor Authentication (MFA/2FA) using Verification Codes.

Sup Phunks! Vol. 3

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store


Twitter: @mikecybersec

More from Medium

NahamCon 2022 CTF — Keeber 1, 2, 3, 5

Part of an example whois query

Deep-rooted firmware cyberthreats put defenders in a bind

Tails: The Most Secure Operation System

Detail Description about SPF Records