Summer travel plans? Don’t get scammed while you’re away

Your itinerary is set. 

Your luggage is packed. 

You’ve even scheduled the Uber pickup for the morning trip to the airport. It seems as if nothing now stands in the way between you and clicking that glorious out-of-office button.

However, if you work in IT or security, your pre-summer vacation checklist must go beyond the items you’ll pack inside a suitcase. How will you maintain the organization’s cyber security posture when you’re away from the office? 

SecOps teams are continuing to see spikes in cyber-attacks during United States summer holiday weekends — including some of the most notable cyber-attacks in recent years. Consider the MOVEit SQL injection vulnerability during Memorial Day weekend last year. Prior to that, the ransomware assault on the Los Angeles Unified School District over Labor Day weekend in 2022. 

On an even larger scale, the infamous Colonial Pipeline ransomware attack preceding Mother’s Day weekend in 2021 was the largest publicly disclosed cyberattack on critical infrastructure in U.S. history, causing the pipeline to shut down for several days, fuel widespread consumer panic, and drive gas prices to their highest point since 2014.

Each of these historical cyber incidents — all occurring during summer holiday weekends — serve as stark reminders of the necessity for organizations to bolster its security measures during holiday weekends and summer months. 

For IT and security leaders, nothing will ruin a vacation faster than a malicious actor gaining access into your systems. To help ensure that does not happen, below are a handful of actions that you can focus on to help prevent their organization from becoming this summer’s hottest breach. 

Power-down what you can before you leave the office

Take a moment to safeguard the assets that make up your organization’s attack surface. One simple (yet crucial) step is to power-down all devices that won’t be in use while you’re out of the office. While it’s a common and relatively harmless practice to leave these devices running continuously, doing so leaves each device openly exposed to potential cyber threats. By shutting them down, you effectively sever their online connection and minimize the risk of unauthorized access. If you anticipate not needing these devices remotely for several days (or weeks, considering our European peers with envious summer vacation practices), take the proactive approach and power them off. This is perhaps the simplest action you can take that will yield significant security benefits and hopefully, provide some peace of mind during your vacation. 

Install patches & updates

According to the 2024 Verizon Data Breach Investigations Report, there’s been a 180% jump in vulnerability exploitation from 2023’s numbers, emphasizing the critical need for prompt security updates. One of the most impactful data breaches in the U.S. — leaking most U.S. adult social security numbers from Equifax—was due to an unpatched instance of Apache Struts. 

If you’re a part of a security or IT team, chances are you oversee critical production servers, and thus should ensure timely software updates to mitigate risks. Before extended absences, identify all systems, software and devices that need to update before you leave. Before you go on vacation, be certain that you have pushed all the patches you need to before you leave; making sure to prioritize the critical, externally-exposed ones first. A patched infrastructure will lower the risk of an incident occurring while you are out of the office. 

Ensure all accounts and devices enable MFA

Integrating a Multi-Factor Authentication (MFA) solution into your organization’s cybersecurity framework serves as a formidable barrier against unauthorized network access, especially in the wake of successful phishing attacks on staff members. MFA’s multifaceted verification process significantly heightens security measures, requiring not only passwords but also additional factors like temporary access codes or biometric verification. Obviously, deploying MFA right before a vacation is not ideal. Hopefully, you have added MFA to your security controls long ago. That said, if you already use MFA, it could help protect the users who remain in office during your vacation from causing a breach, should they fall for a phishing attempt or any other credential theft. 

Define contingency plans

Creating robust cybersecurity contingency plans is crucial for effectively responding to cyber threats and minimizing their impact on your organization. This involves establishing clear communication channels and response procedures for various types of incidents like malware and ransomware, data breaches, distributed denial-of-service attacks and more. It’s also important to identify and ensure the availability of necessary resources; this should include defining roles and responsibilities for those enacting this process in your absence. Not only must you ensure that your team is properly staffed and scheduled, but also that they are given appropriate access to the organization’s security platform and solutions. 

Additionally, if your vacation plans will take you completely off the grid for longer than a few days (sounds nice, doesn’t it?), take time beforehand to align these plans with your organization’s legal and executive teams to cover-off on responsibilities for the absolute worst-case-scenarios, such as complying with data breach notification laws and disclose timelines. 

Simplified security software

Integrate solutions that offer automated threat detection features. Early detection and automated response against sophisticated attacks is a must in today’s robust threat landscape. Look for a solution that uses an AI-driven protection model with continuous monitoring of endpoints to detect malicious activity that might slip by traditional antivirus solutions. By prioritizing the adoption of robust yet simplified security solutions, businesses can establish a comprehensive defense mechanism against potential threats. Reducing complexities can increase employee compliance with security protocols and minimize the likelihood unauthorized access via human error. If you work with a Managed Service Provider (MSP) or a Managed Security Services provider (MSSP), touch base with them to make sure that they’re aware of out-of-office schedules and have quick access to emergency contacts and login credentials. 

Consider working with an MSP

Working with a trusted MSP helps lighten the load on an organization’s internal IT and security teams, especially MSPs that provide proactive monitoring and maintenance to keep your IT systems running 24/7. Aligning with an MSP often leads to fewer disruptions, increased productivity and a higher level of confidence that the business operates smoothly — even when you’re out of the office.  

By incorporating these proactive measures into your summer out-of-office preparations, IT and security leaders can cultivate a culture of cyber resilience and readiness that gives the wider organization peace of mind during these increasingly hostile summer months. 

Corey Nachreiner is the CTO of WatchGuard Technologies. A front-line cybersecurity expert for nearly two decades, Nachreiner regularly contributes to security publications, speaks internationally at leading industry trade shows like RSA and has written thousands of security alerts and educational articles for WatchGuard’s Secplicity blog. A Certified Information Systems Security Professional (CISSP), Nachreiner enjoys “modding” any technical gizmo he can get his hands on and considers himself a hacker in the old sense of the word.