CISA and FBI warn: threat actors don’t take holidays
Malicious cyber actors aren’t making the same holiday plans as you. Instead, they take advantage of holidays and weekends to disrupt critical networks and systems.
“Recent history tells us that this could be a time when these persistent cyber actors halfway across the world are looking for ways — big and small — to disrupt the critical networks and systems belonging to organizations, businesses, and critical infrastructure,” CISA and the FBI warned.
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) issued a cybersecurity reminder for public and private sector organizations to remain vigilant and take appropriate precautions to reduce their risk to ransomware and other cyber attacks leading up to and during the holiday season.
“While we are not currently aware of a specific threat, we know that threat actors don’t take holidays,” CISA Director Jen Easterly is quoted in a press release. “We urge all organizations to remain vigilant and report any cyber incidents to CISA or FBI.”
There are actions that executives, leaders, and workers in any organization can take proactively to protect themselves against cyberattacks, including possible ransomware attacks, during the upcoming holiday season—a time when offices are often closed, and employees are home with their friends and families.
“Cyber criminals have historically viewed holidays as attractive times to strike,” said FBI Cyber Assistant Director Bryan Vorndran. “We urge network defenders to prepare and remain alert over the upcoming holiday weekend and report any suspicious activity to www.ic3.gov.”
Recent 2021 trends show malicious cyber actors launching serious and impactful ransomware attacks during holidays and weekends, including Independence Day and Mother’s Day weekends.
CISA and the FBI recommend maintaining vigilance against the multiple techniques cybercriminals use to gain access to networks, including:
* Phishing scams, such as unsolicited emails posing as charitable organizations.
* Fraudulent sites spoofing reputable businesses — it is possible malicious actors will target sites often visited by users doing their holiday shopping online.
* Unencrypted financial transactions.
Among the mitigations described in the joint alert are the need for entities to identify IT security employees for weekends and holidays who would be available during these times in the event of a ransomware attack. Other best practice recommendations include:
* Implement multi-factor authentication for remote access and administrative accounts
* Mandate strong passwords and ensure they are not reused across multiple accounts
* If you use remote desktop protocol (RDP) or other potentially risky services, ensure it is secure and monitored
* Remind employees not to click on suspicious links, and conduct exercises to raise awareness
* Review and, if needed, update incident response and communication plans that list actions an organization will take if impacted by a ransomware incident
More from CyberNews:
Subscribe to our newsletter