With Thanksgiving just days away, the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have warned organizations that hackers won’t be taking time off and to have plans in place to deal with any ransomware attacks that are likely to occur over the holiday season.
In a joint statement, they said that while there were no specific threats known, recent 2021 trends showed that malicious hackers launched serious and impactful ransomware attacks during holidays and weekends, including Independence Day and Mother’s Day weekends.
“While we are not currently aware of a specific threat, we know that threat actors don’t take holidays,” said CISA director Jen Easterly. “We will continue to provide timely and actionable information to help our industry and government partners stay secure and resilient during the holiday season. We urge all organizations to remain vigilant and report any cyber incidents to CISA or FBI.”
The two agencies provided a list of actions IT teams could undertake to prevent or mitigate such attacks over the holiday period. These include: identifying IT security employees for weekends and holidays who would be available to surge during these times in the event of an incident or ransomware attack, implementing multi-factor authentication for remote access and administrative accounts, mandating strong passwords, and ensuring passwords are not reused across multiple accounts.
The agencies also said that if an organization used remote desktop protocol (RDP) or any other potentially risky service, they should ensure it is secure and monitored. Organizations were also urged to remind employees not to click on suspicious links and conduct exercises to raise awareness.
RELATED RESOURCE
The truth about cyber security training
Stop ticking boxes. Start delivering real change.
Organizations are being encouraged to review and, if needed, update their incident response and communication plans to reduce the risk of a severe business or functional degradation should they fall victim to a ransomware attack.
“The FBI is dedicated to combatting cyber-crimes targeting the American public and our private sector partners. Cyber criminals have historically viewed holidays as attractive times to strike,” said FBI cyber assistant director Bryan Vorndran. “We will continue to provide cyber threat information and share best safeguard practices. We urge network defenders to prepare and remain alert over the upcoming holiday weekend and report any suspicious activity to www.ic3.gov.”
The agencies also published a more comprehensive cyber security advisory here.
-
Using DeepSeek at work is like ‘printing out and handing over your confidential information’News Thinking of using DeepSeek at work? Think again. Cybersecurity experts have warned you're putting your enterprise at huge risk.
-
Can cyber group takedowns last?ITPro Podcast Threat groups can recover from website takeovers or rebrand for new activity – but each successful sting provides researchers with valuable data
-
Average ransom payment doubles in a single quarterNews Targeted social engineering and data exfiltration have become the biggest tactics as three major ransomware groups dominate
-
BlackSuit ransomware gang taken down in latest law enforcement sting – but members have already formed a new groupNews The notorious gang has seen its servers taken down and bitcoin seized, but may have morphed into a new group called Chaos
-
Google cyber researchers were tracking the ShinyHunters group’s Salesforce attacks – then realized they’d also fallen victimNews In an update to an investigation on the ShinyHunters group, Google revealed it had also been affected
-
Nearly one-third of ransomware victims are hit multiple times, even after paying hackersNews Many ransomware victims are being hit more than once, largely thanks to fragmented security tactics
-
75% of UK business leaders are willing to risk criminal penalties to pay ransomsNews A ransom payment ban is a great idea - until you're the one being targeted...
-
The Scattered Spider ransomware group is infiltrating Slack and Microsoft Teams to target vulnerable employeesNews The group is using new ransomware variants and new social engineering techniques - including sneaking into corporate teleconferences
-
Hackers breached a 158 year old company by guessing an employee password – experts say it’s a ‘pertinent reminder’ of the devastating impact of cyber crimeNews A Panorama documentary exposed hackers' techniques and talked to the teams trying to tackle them
-
The ransomware boom shows no signs of letting up – and these groups are causing the most chaos
News Thousands of ransomware cases have already been posted on the dark web this year
