Threat actors have previously timed ransomware and other attacks to coincide with holidays and weekends
In the run-up to Thanksgiving and the holiday season, the United States’ Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) are urging organizations, especially those operating in critical infrastructure, to remain vigilant against ransomware and other cyberattacks.
“Recent history tells us that this could be a time when these persistent cyber actors halfway across the world are looking for ways—big and small—to disrupt the critical networks and systems belonging to organizations, businesses, and critical infrastructure,” the agencies warned in a joint advisory on Monday.
Threat actors have previously timed ransomware and other malicious campaigns to coincide with holidays and weekends, when offices tend to be lightly staffed. One recent example is the attack against Kaseya’s IT management software, which unfolded at the start of the long Independence Day weekend.
“While we are not currently aware of a specific threat, we know that threat actors don’t take holidays,” said CISA Director Jen Easterly in a press statement. “We will continue to provide timely and actionable information to help our industry and government partners stay secure and resilient during the holiday season. We urge all organizations to remain vigilant and report any cyber incidents to CISA or FBI.”
The agencies recommended a number of steps that organizations and businesses could take to mitigate the threats:
- create a dedicated team of IT professionals who can work even during off-hours to combat ransomware attacks and other incidents
- use multi-factor authentication for both remote access and admin accounts
- demand that employees use strong passwords and avoid recycling passwords across various accounts
- secure and monitor Remote Desktop Protocol (RDP) access points and other potentially risk-inclined services
- organize cybersecurity training to raise awareness of online threats in your organization
Beyond the mitigation steps, the agencies also encourage organizations to keep abreast of the various techniques that cybercriminals utilize to dupe their victims into giving them access into their networks, such as phishing, bogus websites spoofing legitimate business, and unencrypted financial transactions. Last but not least, businesses should always have an incident response plan prepared in the event they do succumb to a ransomware attack.