Just a week before Thanksgiving, shoppers at Stop & Shop stores across Massachusetts were forced to leave empty-handed after a cyberattack against the supermarket chain’s parent company led to inventory shortages. 

Parent company Ahold Delhaize said in a statement earlier this month, that it had alerted law enforcement about the cyber breach and had taken some systems offline. “While there may be some limited inventory for certain products, we are working to re-stock our shelves and anticipate item availability to continue to improve over the next few days,” the company said. But the incident may be a sign of things to come during the holiday season, when cybersecurity crises are likely to peak.

Already this year, corporate giants like AT&T, Ticketmaster and United Health have suffered paralyzing cyberattacks, and now, businesses are bracing for the holidays, a time when many cybersecurity operations rely on skeleton staffing. But the FBI and Department of Homeland Security are warning that it’s no time for them to be taking a “cyber vacation.”

The vast majority of ransomware attacks that hobbled businesses and organizations over the past year — 86% —  occurred on a weekend or holiday, according to a new global study of 900 IT and security professionals released this week by cybersecurity firm Semperis. But researchers also found that 85% of surveyed organizations — 90% in the U.S. — reduce security staffing by as much as 50% during those same periods.

“This study would say that we’re not making thoughtful choices,” former White House “cyber czar” and Semperis strategic adviser Chris Inglis told CBS News. “If you realize that most of these attacks take place on holidays and weekends and you reduce your manning, you take away your opportunity to essentially have parity with your adversaries,” said Inglis. He added, “The advantage goes to the attacker, because they’re not taking a day off. They never take a day off.”

According to the report, organizations consistently overestimate their defenses, with 81% of respondents reporting that they believe they have the necessary expertise to safeguard their digital identities from threats. Still, 83% of participants suffered a successful ransomware attack within the past year.

Organizations are beginning to sense they’re more vulnerable around the holidays, but Inglis suggested consumers, too, need to be vigilant. Technologies like smart phones and tablets are now cheaper and nearly ubiquitous, but safety measures have not kept up. 

“We’ve not actually made the necessary investments to make it such that these technologies — or this system of technologies — is defensible and well defended,” he said.

According to the survey, mergers, acquisitions, stock launches or layoffs also functioned as “magnets” for ransomware attacks, with a majority of respondents – 63% – also experiencing a cyber attack following what’s known as a “material corporate event.” 

With financial executives predicting that President-elect Donald Trump’s return to the White House could usher in a wave of bank mergers and acquisitions, cybersecurity experts worry that cybercriminals will be able to take advantage of these “moments of distraction.” 

“Our adversaries – be they criminal or foreign, rogue nations – they test the waters every day. They’re conscious of the fact that our attention waxes and wanes,” Inglis said. “If there’s a merger or an administration transition, those are moments of distraction. So we can expect that they will do what they always do. It’s not that they search at this moment, it’s that they see their opportunities being perhaps more productive at this moment.”

In February, UnitedHealth Group suffered the biggest hack in U.S. healthcare history after its acquisition of Change Healthcare meant it inherited outdated technology, with digital systems not yet safeguarded by multi-factor authentication. 

Beyond an anticipated onslaught of big bank deals, changes in administration – regardless of politics – have historically enticed foreign adversaries to test the defenses of new leadership in Washington. In 2021, President Joe Biden inherited fallout from a sophisticated Russian cyberattack leveled against Texas software-maker SolarWinds and used to breach roughly 100 top U.S. companies and a dozen government agencies. 

In June 2017, the Russian military waged the devastating ‘NotPetya’ cyber attack during Trump’s first year in office, unleashing a virus that crippled parts of Ukraine’s infrastructure and ravaged computer systems worldwide, amounting to billions in damages. 

Security staffing also remains a widespread challenge across industries, with just 85% of organizations maintaining a year-round, 24-hour Security Operations Center, according to Semperis, and staffing challenges prompted by higher overtime costs when most employees are typically out of the office around the holidays.

Contributing to cybersecurity staffing headaches, cybersecurity workforce growth worldwide has flatlined for the first time since 2019. With growth of just 0.1% year-over-year in 2024, budget cuts, layoffs and hiring freezes have exacerbated a global staffing shortage of cybersecurity professionals, according to a recent report released by ISC2. 

The former U.S. national cyber director said that he’s routinely asked what keeps him up at night. “It’s not the attackers, the Russians, the Chinese or any kind of ransomware actors. It’s us,” Inglis said. “Sometimes, it’s the complacency and the proactive ambivalence on our side that is actually, I think, more determinative of our future.” 

Traditionally, a mortgage refinance helps homeowners put extra money back into their pockets. By refinancing to a lower interest rate than what they currently have on their mortgage loan, homeowners reduce their payments and save money. And with a cash-out refinance they pay off their existing mortgage balance with a new loan, keeping the difference between the two as cash for themselves. 

But right now isn’t exactly a traditional time in the mortgage rate climate. Mortgage interest rates are elevated, and in 2023, they hit their highest level since 2000. They’ve only come down slightly since then. This means that if you pursue either of the above options, it will likely come at the expense of having to exchange your existing, below-average mortgage rate for a much higher one.

For many homeowners, this is a compromise they can’t agree to. And for seniors, many of whom are reliant upon limited income and budgets, it’s an exchange that could severely hurt their financial status. Fortunately, there are multiple mortgage refinancing alternatives that seniors can – and should – consider now instead. Below, we’ll break down three of them.

Start by checking your reverse mortgage eligibility here today.

3 mortgage refinancing alternatives seniors should consider now

Seniors who can’t take advantage of today’s refinancing options may find these three alternatives beneficial now:

Reverse mortgages

This option is only available for seniors 62 and older (with some rare exceptions). But if you qualify it’s arguably your best recourse right now. Unlike other products, a reverse mortgage will pay you from your home’s equity versus you having to make monthly repayments back to the lender. That difference in equity will need to be repaid if the home is sold or if the owner dies. But, in the interim, it can provide a much-needed source of funding, particularly when considering that the average homeowner has around $330,00 worth of equity to utilize currently.

See how much money you could get with a reverse mortgage now.

Home equity loans

Home equity loans allow borrowers to withdraw from their equity at a fixed interest rate, which is a major advantage in today’s volatile rate climate. The loan will need to be repaid over a 10- or 15-year period, on average. But it won’t require touching your existing mortgage interest rate and you won’t even have to use your same mortgage lender if you can locate better rates and terms with a competitor. 

That said, home equity loan rates are often lower because the home serves as collateral in this circumstance, so borrowers will need to have a clear ability to repay all that they’ve withdrawn or they could risk their homeownership in the process.

Check your home equity loan eligibility here now.

Home equity lines of credit (HELOCs)

HELOCs function similarly to home equity loans, but they disburse the funds via a revolving line of credit, unlike the home equity loan’s lump sum. And HELOCs have variable interest rates which change monthly for borrowers. This poses unique risks (a higher rate in the future could make payments prohibitive) and special benefits (as the rate climate cools your payments could drop, too). But if you want to maintain your existing, low mortgage rate and still get access to financing that you need now, a HELOC is worth exploring.

Learn more about HELOCs here.

The bottom line

Seniors who want to tap into their home equity but don’t want to break the bank to do so should strongly consider skipping mortgage refinancing options for the above alternatives instead. By doing so they’ll still gain access to additional income but at a cheaper cost. Still, when borrowing from your home equity, it’s critical to weigh the pros and cons, especially for seniors with limited income. So consider speaking to a financial advisor or lender who can help answer all of your questions and concerns.