Threat actors have previously timed ransomware and other attacks to coincide with holidays and weekends
In the run-up to Thanksgiving and the holiday season, the US Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are urging organizations, especially those operating in critical infrastructure, to remain vigilant against ransomware and other cyber attacks.
“Recent history tells us that this could be a time when these persistent cyber-actors halfway around the world are looking for ways – large and small – to disrupt the critical networks and systems belonging to organizations, businesses and critical infrastructure,” he warned. agencies in a joint consultation on Monday.
Threat actors have previously timed ransomware and other malicious campaigns to coincide with holidays and weekends where offices tend to be lightly staffed. A recent example is the attack on Kaseya’s IT management software, which unfolded at the start of the long Independence Day weekend.
“While we are not currently aware of a specific threat, we know that threat actors are not on holiday,” CISA Director Jen Easterly said in a press release. “We will continue to provide timely and actionable information to help our industry and government partners stay safe and robust during the holiday season. We urge all organizations to remain vigilant and report all cyber incidents to CISA or the FBI.”
The agencies recommended a number of steps that organizations and companies could take to mitigate the threats:
In addition to mitigation steps, agencies also urge organizations to keep abreast of the various techniques that cybercriminals use to trick their victims into giving them access to their networks, such as phishing, fake websites that spoof legitimate businesses, and unencrypted financial transactions. Last but not least, companies should always have an incident plan drawn up in case they succumb to a ransomware attack.