IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

US government warns of increased risk of ransomware over holiday season

CISA and FBI issue joint statement warning organizations not to let their guard down

Holiday season warning

With Thanksgiving just days away, the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have warned organizations that hackers won’t be taking time off and to have plans in place to deal with any ransomware attacks that are likely to occur over the holiday season.

In a joint statement, they said that while there were no specific threats known, recent 2021 trends showed that malicious hackers launched serious and impactful ransomware attacks during holidays and weekends, including Independence Day and Mother’s Day weekends.

“While we are not currently aware of a specific threat, we know that threat actors don’t take holidays,” said CISA director Jen Easterly. “We will continue to provide timely and actionable information to help our industry and government partners stay secure and resilient during the holiday season. We urge all organizations to remain vigilant and report any cyber incidents to CISA or FBI.”

The two agencies provided a list of actions IT teams could undertake to prevent or mitigate such attacks over the holiday period. These include: identifying IT security employees for weekends and holidays who would be available to surge during these times in the event of an incident or ransomware attack, implementing multi-factor authentication for remote access and administrative accounts, mandating strong passwords, and ensuring passwords are not reused across multiple accounts.

The agencies also said that if an organization used remote desktop protocol (RDP) or any other potentially risky service, they should ensure it is secure and monitored. Organizations were also urged to remind employees not to click on suspicious links and conduct exercises to raise awareness.

Related Resource

The truth about cyber security training

Stop ticking boxes. Start delivering real change.

Pair of feet in socks with a chair and plant in the backgroundFree download

Organizations are being encouraged to review and, if needed, update their incident response and communication plans to reduce the risk of a severe business or functional degradation should they fall victim to a ransomware attack.

“The FBI is dedicated to combatting cyber-crimes targeting the American public and our private sector partners. Cyber criminals have historically viewed holidays as attractive times to strike,” said FBI cyber assistant director Bryan Vorndran. “We will continue to provide cyber threat information and share best safeguard practices. We urge network defenders to prepare and remain alert over the upcoming holiday weekend and report any suspicious activity to www.ic3.gov.”

The agencies also published a more comprehensive cyber security advisory here.

Featured Resources

Meeting the future of education with confidence

How the switch to digital learning has created an opportunity to meet the needs of every student, always

Free Download

The Total Economic Impact™ of IBM Cloud Pak® for Watson AIOps with Instana

Cost savings and business benefits

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

Technology reimagined

Why PCaaS is perfect for modern schools

Free Download

Recommended

Darktrace AI’s Antigena helps stop ransomware attack at Dordogne GHT
ransomware

Darktrace AI’s Antigena helps stop ransomware attack at Dordogne GHT

13 Apr 2022
Sabbath hackers are targeting US schools and hospitals
ransomware

Sabbath hackers are targeting US schools and hospitals

29 Nov 2021
Hackers use Linux backdoor on compromised e-commerce sites with software skimmer
malware

Hackers use Linux backdoor on compromised e-commerce sites with software skimmer

19 Nov 2021
Iranian hackers ramp up attacks against IT services sector
hacking

Iranian hackers ramp up attacks against IT services sector

19 Nov 2021

Most Popular

How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

7 Jun 2022
Swift exit: How the world cut off Russian banks
finance

Swift exit: How the world cut off Russian banks

24 Jun 2022
The top programming languages you need to learn for 2022
Careers & training

The top programming languages you need to learn for 2022

23 Jun 2022