With Thanksgiving just days away, the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have warned organizations that hackers won’t be taking time off and to have plans in place to deal with any ransomware attacks that are likely to occur over the holiday season.
In a joint statement, they said that while there were no specific threats known, recent 2021 trends showed that malicious hackers launched serious and impactful ransomware attacks during holidays and weekends, including Independence Day and Mother’s Day weekends.
“While we are not currently aware of a specific threat, we know that threat actors don’t take holidays,” said CISA director Jen Easterly. “We will continue to provide timely and actionable information to help our industry and government partners stay secure and resilient during the holiday season. We urge all organizations to remain vigilant and report any cyber incidents to CISA or FBI.”
The two agencies provided a list of actions IT teams could undertake to prevent or mitigate such attacks over the holiday period. These include: identifying IT security employees for weekends and holidays who would be available to surge during these times in the event of an incident or ransomware attack, implementing multi-factor authentication for remote access and administrative accounts, mandating strong passwords, and ensuring passwords are not reused across multiple accounts.
The agencies also said that if an organization used remote desktop protocol (RDP) or any other potentially risky service, they should ensure it is secure and monitored. Organizations were also urged to remind employees not to click on suspicious links and conduct exercises to raise awareness.
RELATED RESOURCE
The truth about cyber security training
Stop ticking boxes. Start delivering real change.
Organizations are being encouraged to review and, if needed, update their incident response and communication plans to reduce the risk of a severe business or functional degradation should they fall victim to a ransomware attack.
“The FBI is dedicated to combatting cyber-crimes targeting the American public and our private sector partners. Cyber criminals have historically viewed holidays as attractive times to strike,” said FBI cyber assistant director Bryan Vorndran. “We will continue to provide cyber threat information and share best safeguard practices. We urge network defenders to prepare and remain alert over the upcoming holiday weekend and report any suspicious activity to www.ic3.gov.”
The agencies also published a more comprehensive cyber security advisory here.
-
European financial firms are battling a huge rise in third-party breachesNews Growing vendor dependency has contributed to a marked rise in third-party breaches
-
‘We’ve got some fabulous conditions’: Salesforce UK chief exec Zahra Bahrololoumi touts the country's tech industry potentialNews The UK remains a “priority market” for Salesforce, according to its regional CEO
-
‘I take pleasure in thinking I can rid society of at least some of them’: A cyber vigilante is dumping information on notorious ransomware criminals – and security experts say police will be keeping close tabsNews An anonymous whistleblower has released large amounts of data allegedly linked to the ransomware gangs
-
It's been a bad week for ransomware operatorsNews A host of ransomware strains have been neutralized, servers seized, and key players indicted
-
Everything we know about the Peter Green Chilled cyber attackNews A ransomware attack on the chilled food distributor highlights the supply chain risks within the retail sector
-
Scattered Spider: Who are the alleged hackers behind the M&S cyber attack?News The Scattered Spider group has been highly active in recent years
-
Ransomware attacks are rising — but quiet payouts could mean there's more than actually reported
News Ransomware attacks continue to climb, but they may be even higher than official figures show as companies choose to quietly pay to make such incidents go away.
-
Edge devices are now your weakest link: VPNs, firewalls, and routers were the leading source of initial compromise in 30% of incidents last year – here’s whyNews Compromised network edge devices have rapidly emerged as one of the biggest attack points for small and medium businesses.
-
Cleo attack victim list grows as Hertz confirms customer data stolen – and security experts say it won't be the lastNews Hertz has confirmed it suffered a data breach as a result of the Cleo zero-day vulnerability in late 2024, with the car rental giant warning that customer data was stolen.
-
‘Phishing kits are a force multiplier': Cheap cyber crime kits can be bought on the dark web for less than $25 – and experts warn it’s lowering the barrier of entry for amateur hackersNews Research from NordVPN shows phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25.
