table of contents
- 01.Security risks increase during long holidays
- 02.What to do before your vacation
- 03.Measures to take after the holidays
- 04.LANSCOPE Endpoint Manager Cloud Edition: Security measures for long holidays
- 05.summary
During long holidays, companies’ security systems tend to be weaker, making them more susceptible to cyber attackers.
Also, before a long vacation, people are often busy checking work progress, organizing projects, and handling handovers with relevant parties, so security measures are often put on the back burner.
However, if strengthening and checking security measures is put off, there is a concern that response will be delayed in the event of an emergency, and the damage will worsen.
This article explains the security measures you should take before and after a long vacation.
Security risks increase during long holidays
During long holiday periods such as the New Year holidays, Golden Week, and summer vacation, companies’ security officers and system administrators are often absent.
Cyber ​​attackers often target these ” moments when security systems are weak ” to launch attacks.
In fact, from the end of 2024 to the beginning of 2025, a series of DDoS (distributed denial of service) attacks occurred in Japan.
A DDoS attack is a cyber attack in which multiple devices intentionally send a large number of packets to a target server in an attempt to put a huge load on the target server or network, causing it to crash.
â–¼List of DDoS attacks that occurred from the end of 2024 to the beginning of 2025
| Date and Time | target | Overview of the damage |
|---|---|---|
| 2024/12/26 | Major airlines | The baggage storage system was temporarily unavailable, causing four domestic flights to be canceled and a total of 71 domestic and international flights to be delayed. |
| 2024/12/26 | Major Bank A | Temporarily unable to log in to services for individuals and businesses |
| 2024/12/29 | Major Bank B | Unable to log in to personal internet banking |
| 2024/12/31 | Major bank C | An issue occurs that makes it difficult to access online banking |
| 2025/01/02 | Major telecommunications companies | A temporary system failure occurred on the portal site operated by the company. |
| 2025/01/05 | Private weather corporation | Damage has occurred, such as making it difficult to view some content on the web version of weather forecast media and making it difficult to use some functions of the app version. |
In the case of incidents occurring during long holidays, delays in initial response will directly lead to the expansion of damage.
For example, if you are late in noticing a sudden increase in external communication volume, confidential information may be leaked or your internal network may be taken over.
Therefore, before going on a long vacation, it is important to check in advance the response flow in the event of an incident.
In addition, when resuming operations after a holiday, it is necessary to carefully check the security of the entire system, including whether there has been any suspicious behavior, tampering, or abnormalities in access history.
What to do before your vacation
First, we will explain the security measures you should take before going on a long vacation.
- Check the emergency contact flow and response procedures
- Turn off devices you are not using
- Update your OS and software
- Get a backup
Let’s take a look at some specific steps you can take to minimize the damage.
Check the emergency contact flow and response procedures
Be sure to review emergency contact flows and response procedures before going on vacation in case an incident occurs during your vacation.
Some things you should especially check are:
â–¼Items to check
- Are your contact details (phone, email, chat tools, etc.) up to date?
- Is there a clear alternative person to respond in case the person in charge is unavailable?
- Is there a system in place to handle nighttime and weekend work?
- Are incident response procedures and manuals in place?
- Is there a shared reporting point in case an incident is recognized?
- Are contact points for business partners and affiliated companies shared?
- Can I contact the system vendor during long holidays?
Even if an incident does occur, if the responders and response flow are defined, initial responses can be made quickly.
However, be careful not to let the confirmation become a mere formality.
Turn off devices you are not using
Devices that are always connected to the internet or company network are more likely to be scanned and attacked from outside while you are on vacation.
In particular, the following devices are at high risk of being targeted, so caution is required.
- PCs and printers at bases and branches that will be unmanned for long periods
- Test server for development environment
- USB hubs and external storage devices temporarily used for work
- In-house Wi-Fi access points and IoT devices with no scheduled maintenance
It is recommended that you turn off any unused equipment before a long vacation and physically block any risks.
Additionally, for core systems that require constant operation, alternative measures must be implemented, such as applying security patches, reviewing log monitoring settings, and strengthening remote monitoring systems.
Update your OS and software
If you do not update your operating system or software and leave vulnerabilities unaddressed, the risk of unauthorized access and malware infection increases.
Therefore, before going on vacation, be sure to check that your operating system, business applications, antivirus software, etc. are up to date and update them if necessary.
Get a backup
If an unexpected problem occurs while you are on vacation, backup data is your lifeline for ultimate recovery.
Even if a cyber attack or system failure occurs, having up-to-date backups can help minimize the damage.
Ideally, backups should be stored in multiple locations, including the cloud, external storage, and offline environments.
It is also important to regularly test your backups to ensure they can be restored successfully.
Measures to take after the holidays
Here are some steps you should take after the holidays:
- Check the logs
- Update the definition files
- Update your OS and software
- Scanning devices for viruses
After the holidays, people tend to relax and their security awareness tends to decrease.
Please be sure to implement the measures outlined in this article so that you can resume work safely.
Check the logs
First, check various logs to see if any unauthorized access or abnormal communications occurred during your vacation.
For example, it is important to check the following logs:
- Access logs for network devices such as firewalls, routers, and VPNs
- Login history to internal servers and cloud environments
- Administrator privilege operation history and setting change log
- Security product alert records (IDS/IPS, EDR, etc.)
In particular, if there is any login history on holidays or late at night, or communication history from an IP address that you do not normally access, you should investigate immediately.
Update the definition files
Antivirus software and endpoint security products require updated definition files (signatures) to protect against the latest malware and attack methods.
Automatic updates may have stopped on devices that were disconnected from the network while you were on vacation, so be sure to check the following points before returning to work:
- Are your virus definition files and engines up to date?
- Is automatic application of security updates enabled?
- Are there any errors in the definition file update log?
Please update the definition files before browsing websites or sending or receiving emails.
Update your OS and software
If you resume work without applying security patches released during the holidays, your system will be connected to the network with remaining vulnerabilities, which is extremely dangerous.
After a long holiday, be sure to check that the following updates have been made before resuming work.
- Apply the latest patches for your OS (Windows, macOS, Linux, etc.)
- Updates for business applications (Office products, browsers, PDF viewing software, etc.)
- Driver and firmware updates (especially for Wi-Fi routers and peripherals)
Browsers and remote connection tools (VPN clients, remote desktops, etc.) are particularly susceptible to attacks, so keeping them up to date is a basic security measure.
Scanning devices for viruses
If you bring home devices such as laptops or USB memory sticks and use them during a long vacation, they may become a source of infection such as malware via an external network environment.
Therefore, once a device has been connected to an external network, be sure to perform the following steps before connecting it to the internal network.
- Full scan with trusted antivirus software
- Delete unnecessary software and files
- Checking for consistency with company security policies
USB memory sticks in particular can contain malware in auto-execution files, so they should be handled with care, such as by scanning them in an isolated environment before connecting them.
While speed of work is important, the time when “reconfirming security” should be given even higher priority is right after the holidays.
Even a little bit of checking and effort can help prevent serious problems from occurring.
LANSCOPE Endpoint Manager Cloud Edition: Security measures for long holidays
LANSCOPE Endpoint Manager Cloud Edition, an IT asset management and MDM tool provided by MOTEX Co., Ltd. (hereinafter referred to as MOTEX), is a security solution that helps strengthen security before and after long holidays.
For example, you can perform everything from understanding the application status of Microsoft’s Feature Updates (FU) and Quality Updates (QU) to distributing patches and updates, all in one place.
â–¼Check all “unapplied devices” at once with LANSCOPE Endpoint Manager Cloud Edition
â–¼Set the distribution date and time and message for updates and patches, and then execute the distribution.
Administrators can distribute and apply updates all at once, making it possible to efficiently manage updates before and after long holidays.
In addition, LANSCOPE Endpoint Manager Cloud Edition can also obtain PC operation logs.
The log screen allows you to easily understand how employees use their PCs, including who used which PC, when, and what operations were performed for app usage, website browsing, file operations, Wi-Fi connections, and more .
For example, if an employee takes their PC home during a long vacation and performs an operation that could lead to an information leak, an alert will be sent to the administrator, making it possible to detect fraudulent activity early and prevent incidents.
For more information about LANSCOPE Endpoint Manager Cloud Edition, please see the following page or the document that clearly summarizes its functions and features.
summary
This article explains the security measures that should be taken before and after long holidays.
â–¼Summary of this article
- Cyber ​​attackers tend to launch attacks during long holidays when security systems are less robust.
- Before a long vacation, it is important to check the emergency contact flow and response procedures in advance, and to “update the OS and software” and “obtain backups.”
- After a long vacation, it is recommended that you first update your operating system and software, update definition files, check logs, and scan any devices you have taken out for viruses before returning to your regular work.
