Cyber-Threat Ushers in the Year of the Golden Ox

Over the coming Lunar New Year celebration, while employees are feeling at their most relaxed and generous, enterprise security is at its most vulnerable. During the Chinese New Year hiatus, internal lapses of security will lead to prosperous bonuses for cybercriminals who are out to feed off the festive spirit. In line with cybercriminal trends of the past 5 years, the criminals have already laid the traps, so businesses need to be extra security vigilant as the holidays approach and the rise in online crime puts business networks at increased risk.

Fortinet’s top tips to be vigilant of this Chinese New Year:
· New Year Shopping
o Watch for Rogue shopping sites advertised by spam campaigns and strong search engine optimisation when looking for "Chinese New Year gifts" and the like, and beware of legitimate sites that can be compromised and booby-trapped with malicious code.
· Malware ‘Tricks’
o Malware related to Chinese New Year will be very common as authors trying to trick users into clicking malicious links to attachments related to the celebrative season. E-cards, Holiday sales, Festive fun - If you don’t know what you are opening... don’t.
· Working from Home this Festive Season
o Beware users who’ve taken their laptops home for extended periods over the Chinese New Year hiatus and come back onto the network. What nasties might be on there? The desktop protection might also not be up to date, so additional pressure will be on your network security devices.
· R&R
o With just a few days out of the office, employees become ‘download happy’ on personal computers over the break and more often than not bring this relaxed attitude to security back to the workplace. Beware that this complacency can provide increased avenues of attack.
· Temporary staff
o …are not just for this Chinese New Year. Well they are, but with access to passwords, and confidential information, if not managed properly can lead to a serious security breech. IT departments must ensure that temporary staffs only have access to documents that are necessary and if passwords are granted they are changed after the festive period.

For a prosperous year of the Golden Ox, organisations must ensure all employees are made aware of the festive threats by communicating security messages from the top down.

If you would like further information on the cyber threat of this Chinese New Year, Fortinet’s expert Guillaume Lovet will be happy to provide further information.

金牛年网络威胁防范贴士

当员工们在轻松的心情下庆祝农历新年的同时，这也是企业安全最脆弱的时候。在农历新年期间, 内部安全的漏洞将提供网络罪犯更多的犯罪机会。过去5年内的网络犯罪记录指出，罪犯已经在网络设下了陷阱。因此在假期来临期间以及上升的网上犯罪活动使得商业网络风险提高的情况下，企业必须保持额外的警惕。

Fortinet农历新年期间必须警惕的事项：
新年购物当您上网搜索新年贺礼或类似物品时， 请小心由垃圾邮件活动所刊登的购物网站和谨慎选择搜索引擎。此外，也必须注意恶意密码可能入侵一些合法网站并在那里设下陷阱。

恶意软件的“小伎俩” 通常网络犯罪者会利用与农历新年有关的附件来诱导网络用户点入恶意链接。因此请不要打开来历不明的电子贺卡，佳节倾销或佳节活动。

佳节期间在家办工 请谨防在新年期间携带电脑笔记本回家并重新回到工作网络的用户。他们的桌面保护程序可能还未被更新，因此将会为您的网络安全设备带来额外的压力。

松懈防备 员工在假期期间可能毫无节制的使用私人电脑下载软件或其他文件，并在回到工作岗位时松懈了安全防备。 这种松懈的态度将提高网络被攻击的机率。

临时员工 这不仅仅是在这个新年假期所需要注意的事项。别忘了临时员工有机会获得密码和机密信息，如果不妥善处理可能会导致严重的安全威胁。科技信息部门必须确保临时员工只能在需要时才能进入某些文件。与此同时，请在春节后更改临时员工所拥有的密码。

为了确保能开心欢庆金牛年， 企业必须通知所有员工有关佳节期间的威胁以让 他们随时保持警惕。
若您想知道更多有关农历新年期间的网络威胁，Fortinet 专家Guillaume Lovet将很乐意为您提供更多的资料。