Organizations should be on the lookout this holiday season, as cybercriminals have shown an increased willingness to launch cyberattacks on U.S. holidays, federal agencies warn.
In a joint announcement, the FBI and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) warn critical infrastructure operators and other organizations to take several actions leading up to the Thanksgiving holiday to proactively protect themselves against cyberattacks, including ransomware.
This warning comes in a year that has seen cyberattacks escalate to never-before-seen proportions, many of which have occurred when corporate offices empty for the holidays. That includes the July 4th weekend ransomware supply chain attacks that leveraged the Kaseya VSA platform and its managed service provider customers.
Colonial Pipeline was also hit with a massive ransomware attack over Mother’s Day weekend that crippled the pipeline – and much of the East Coast’s natural gas supply and gas prices – for several days.
The agencies didn’t identify specific threats, but pointed to those recent examples as reasons why organizations must take proactive steps to secure themselves when attention is focused elsewhere.
Those steps include:
- Identifying IT security employees for weekends and holidays who would be available to surge during these times in the event of an incident or ransomware attack.
- Implementing multi-factor authentication for remote access and administrative accounts.
- Mandating strong passwords and ensuring they are not reused across multiple accounts.
- Ensuring that remote desktop protocol (RDP) or any other potentially risky service, if used, is secure and monitored.
- Reminding employees not to click on suspicious links, and conducting exercises to raise awareness.
The agencies also urge organizations to be on the lookout for typical holiday-related cybercrime, including phishing scams and emails posing as charitable organizations, fake websites spoofing reputable businesses and hackers taking advantage of unencrypted financial transactions.
Organizations should also review their incident response and communication plans, and consult CISA’s Ransomware Awareness for Holidays and Weekends advisory for additional guidance on cybersecurity best practices and preventing ransomware.