The holidays are not just a time of disconnection for workers; increasingly, they are one for cybersecurity teams too. And cybercriminals know it. For that reason, Víctor Ronco, CEO of Zerod, the first marketplace of ethical hackers, points out that “in summer, surveillance is reduced, critical functions are delegated and remote access from unsecured devices increases. That generates the perfect scenario for an attack.”

An SME paralyzed in 48 hours

One example of what can happen during the holiday period is the cyber attack suffered in August 2024 by a 38-employee company based in Seville. In this scenario, the IT manager was on vacation and critical tasks had been delegated to a substitute with elevated permissions but no specific cybersecurity training.

Taking advantage of this human gap, the attackers launched a carefully designed phishing campaign that managed to compromise the employee’s credentials through a VPN connection without two-factor authentication. In less than 48 hours, the cybercriminals gained access to the company’s shared file server, deployed ransomware that encrypted both operational and administrative information, and demanded a ransom of 4.2 bitcoins (approximately 223,000 euros).

The consequences of this cyber attack were clear and severe. The company was completely inactive for five working days, which resulted in operating losses estimated at 95,000 euros. In addition, it suffered reputational damage that led to the cancellation of three contracts together valued at 180,000 euros. On top of these costs came another 42,000 euros in expenses for expert analysis, systems recovery, client notification and the reinforcement of security measures.

“This case reflects some of the real situations we see in the summer period. The attacks do not rest, and every year they are more sophisticated,” says Víctor Ronco, CEO of Zerod.

Alarming figures for the Spanish business fabric

The figures for the Spanish business fabric are worrying. Zerod recalls that 99.8% of companies in Spain are SMEs and that, according to the 2024 CCN-CERT annual report, 56% of cyber attacks aimed at companies in the country target this type of organization. This reality makes them one of the main targets of cybercriminals, especially during vacation periods.

Added to these data are the results of a recent study by INCIBE, which reveals two major weaknesses in the preparedness of small and medium-sized enterprises against digital threats. On the one hand, only 38% of SMEs have a response protocol against cybercrime. On the other, among the companies that were attacked during the summer, 62% took more than three days to detect the intrusion, which significantly amplifies the impact of the attack.

“The impact of an attack is not only economic: it can also be legal if there is loss of personal data, which implies sanctions by the AEPD,” says Víctor Ronco.

For a cyber-safe summer

Given this situation, Zerod recommends a series of essential preventive measures to guarantee a cyber-safe summer. These include performing a preventive penetration test, or “pentest,” before the holiday period to identify critical vulnerabilities, activating two-factor authentication on all remote access, and limiting the permissions of temporary or substitute users.

They also advise running specific security audits on the systems that will be under reduced supervision, keeping backups disconnected from the network or in highly protected environments, and simulating real attacks through “red team” exercises to evaluate the response capacity of the staff who remain and to reinforce early detection protocols.

“Cybersecurity cannot depend on who is in the office. That is why it is essential to know all the vulnerabilities before the holidays arrive, not after the attack,” says the Zerod CEO.