The U.S. Federal Bureau of Investigation and the Department of Homeland Security’s Cybersecurity and Infrastructure Agency today issued an alert about threats against critical infrastructure during holidays and weekends.
The alert is to remind critical infrastructure partners that malicious actors “aren’t making the same holiday plans as you.” The FBI and CISA note that recent history shows that persistent cyberattackers live halfway across the world and regularly look for ways to disrupt critical networks and systems.
The alert suggests that executives and others in any organization can take proactive measures to protect against cyberattacks, including ransomware, during the upcoming holiday season. Recommendations include examining organizational cybersecurity posture and implementing best practices and mitigations to manage the risks posed by cyberthreats.
These include identifying information technology employees that are available on weekends and holidays to protect against ransomware attacks, implementing multifactor authentication, mandating strong passwords, securing remote desktop protocol logins and reminding employees not to click on suspicious links.
The FBI and CISA further suggested that companies should additionally maintain vigilance against the various techniques used by cybercriminals to gain access to networks. They include phishing scams, fraudulent sites spoofing reputable business, and unencrypted financial transactions.
“Cybercriminals are acutely aware that their targets are much slower to respond to alerts that would otherwise give them away during holidays,” Chris Clements, vice president of solutions architecture at IT service management company Cerberus Cyber Sentinel Corp., told SiliconANGLE. “Many organizations move to skeleton crews staffed by mostly junior personnel or even completely on-call duties that significantly impact the speed and effectiveness of responding to indicators of compromise. It’s no fun, but organizations must make this truth a part of their overall security strategy to ensure that they have adequate capabilities to detect and respond to a cyberattack even during the holidays.”
James McQuiggan, security awareness advocate at security awareness training firm KnowBe4 Inc., noted that cybercriminals love to attack during holiday weekends specific to American culture.
“Whether it is the July 4th holiday, near Labor Day or especially Thanksgiving, they release their ransomware attacks or other data breach efforts on the few days leading into holiday weekends,” McQuiggan said. “Given the limited staff, including decision-makers, around the holidays adds up to a weekend of frustration. The cybercriminals most likely were in the networks and infrastructure leading up to the holiday and then launched the encryption on Thursday afternoon or Friday night to ruin the holiday weekend for IT, incident response teams and senior management.”