Holiday Hackers: How to Safeguard Your Service Desk

Hackers really don’t take holidays, but they will take advantage of them. 

Consumer traffic rises sharply during the holidays. Correspondingly, the scope and severity of cyberattacks also increase, with one cybersecurity firm reporting a 200 percent jump in attacks targeting e-commerce businesses  right before Christmas.

Many of these cyberattacks will zero in on the service or help desk to gain entry into network systems. 

Recovering accounts because of forgotten passwords is one of the high-risk events in the identity management life cycle, making the service desk a likely target during the holiday season. 

Why Holidays are Susceptible to Cyberattacks

• Consumer Online Spending Increases. People tend to spend more during the holiday seasons, and they are increasingly doing so more online. On Black Friday 2022, consumers managed to spend $9.2 billion online, a 2.3 percent year-over-year increase. With this type of activity, companies have a lot more consumer data on-hand. This means that hackers will have that much more valuable data to steal.
• Service Desks Are not Fully Staffed. During the holidays, service desks may be understaffed and under pressure. There may be fewer people available to respond to threats and the service desk employees who are there may be too busy dealing with requests to stay vigilant against threats.
• Companies Have No Emergency Plan for an Increase in Cyberattacks. Many companies also may not have strategies in place to address the escalation of holiday cyberattacks. Compared to how they could respond to an attack that occurs during a regular weekday, companies will take much longer to analyze, stop or recover from one that occurs during the busy holiday season. 
• Companies Are More Likely to Pay Ransom. Companies may opt to pay ransoms quickly to stop the ransom amounts from increasing and to not lose any more business. 

For hackers, all these factors create an ideal situation for launching service desk attacks. For example:

• JBS, the world’s largest meat suppliers shut down production when it was hacked during Memorial Day weekend in May of 2021. 
• At the beginning of the July 4th weekend in 2021, hackers targeted U.S. technology firm Kaseya, targeting hundreds of companies around the world with ransomware. 
• In March 2022, a Microsoft’s employee account was compromised with a call to the service desk, which allowed hackers to steal code from Bing, Bing Maps and Cortana. 

Why the Service Desk is a Prime Holiday Cyberattack Target

The service desk is typically the first point of contact for end users who are unable to login to their account or access needed company resources. The service desk can perform or facilitate critical, high-risk functions such as resetting passwords, creating new accounts (including administrative accounts) or eliminating multi-factor authentication for users who have been locked out of their accounts.  

This capability of bypassing security policies is a double-edged sword: While serving as the first line of defense against hackers and point of contact for employees, the service desk also serves as a back door to your network through social engineering. 

Common Attacks Involving the Service Desk

• Vishing or Voice Phishing. Hackers will impersonate service desk support to con end-users into providing not only their passwords, but also their two-factor authentication information. They can also compromise accounts by sending alerts to targets that claim their device has been infected and that they must contact the service desk to fix the issue. 
• Ransomware. Long holiday weekends are ideal for ransomware attacks. Hackers are able to take time and escalate privileges throughout the network to have as much control over as many systems as possible. According to one report, 76 percent of ransomware incidents occur outside of working hours. 
• Social Engineering for Password Resets. After researching employees who have personal information online and on social media to gain answers to security questions, hackers will impersonate a legitimate user and request a password reset. If it is an administrative account, they can perform actions such as elevate privileges or remove two-factor authentication protection for other accounts. These actions allow them to move laterally across your company’s networks and conduct. One very recent example of hackers targeting the service desk of a company with social engineering is the MGM breach. In that case, it was a third-party IT support vendor who underwent the social engineering attack.

Tips To Keep Your Service Desk Safe

• Verify Identity of Callers Using Specops Secure Service Desk.Your service desk can reinforce secure user verification while reducing social engineering vulnerability. They can verify the accounts of your employees with existing data in Active Directory. This bypasses the vulnerabilities of knowledge-based authentication, which can be overcome by hackers who are able to easily obtain answers to security questions. Instead, Specops Secure Service desk uses other security measures, like sending one-time code to the mobile number associated with the employee’s account or using existing authentication services such as Duo Security, Okta, PingID, and Symantec VIP to verify callers. 
• Minimize Cumbersome Reset Calls with Specops uReset. Specops uReset gives employees—66% of whom prefer using a self-service mechanism for their password resets—and other end-users the capability to initiate the password reset process by themselves. This is a secure tool that reinforces your company identity management procedures while giving users autonomy over their password-related issues.
• Train Your Employees Well. Your service desk staff should be educated about their vulnerabilities and the specific threats that target their department. They also need to know how to report suspicious activities, what they can do to prevent them and how to respond to them. There are many options for training, such as educational sessions, webinars and newsletters.

Get Secure for the Holiday Season and Moving Forward with Specops

Cybersecurity has to be a continuous priority for all organizations. Equipping your service desk employees with tools like Specops uReset and Secure Service Desk can help ensure that they are presenting the best defense against hackers who want to take advantage of them during the holiday season. 

Get in touch with Specops to learn much more about the password security management options that are available to you.

Sponsored and written by Specops Software.