My TechDecisions

IT Infrastructure, Network Security, News

U.S. Agencies: Lookout for Cyberattacks During Holiday Break

FBI and CISA urge organizations to take several actions leading up to the Thanksgiving holiday to proactively protect themselves against cyberattacks.

Leave a Comment

Holiday Cyberattacks _John Oliver Ransomware
Andrey Popov/stock.adobe.com

Organizations should be on the lookout this holiday season as cybercriminals have shown an increased willingness to launch cyberattacks on organizations on U.S. holidays, federal agencies warn.

In a joint announcement, the FBI and U.S. Cybersecurity and Infrastructure Security Agency (CISA) warn critical infrastructure operators and other organizations to take several actions leading up to Thanksgiving holiday to proactively protect themselves against cyberattacks, including ransomware.

This warning comes in a year that has seen cyberattacks escalate to never-before-seen proportions, many of which have occurred when corporate offices empty for the holidays. That includes the July 4th weekend ransomware supply chain attacks that leveraged the Kaseya VSA platform and its managed service provider customers.

Colonial Pipeline was also hit with a massive ransomware attack over Mother’s Day weekend that crippled the pipeline – and much of the East Coast’s natural gas supply and gas prices – for several days.

The agencies didn’t identify specific threats, but pointed to those recent examples of why organizations must take proactive steps to securing their organization when our attention is focused elsewhere.

Those steps include:

  • Identifying IT security employees for weekends and holidays who would be available to surge during these times in the event of an incident or ransomware attack.
  • Implementing multi-factor authentication for remote access and administrative accounts.
  • Mandating strong passwords and ensure they are not reused across multiple accounts.
  • If you use remote desktop protocol (RDP) or any other potentially risky service, ensure it is secure and monitored.
  • Reminding employees not to click on suspicious links, and conduct exercises to raise awareness.

The agencies also urge organizations to be on the lookout for typical holiday-related cybercrime, including phishing scams and emails posing as charitable organizations, fake websites spoofing reputable businesses and hackers taking advantage of unencrypted financial transactions.

Organizations should also review their incident response and communication plans, and consult CISA’s Ransomware Awareness for Holidays and Weekends advisory for additional guidance on cybersecurity best practices and preventing ransomware.

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Latest Downloads

Your Guide to Business Continuity Planning

Recent events including the COVID-19 pandemic and natural disasters have IT professionals thinking about their recovery plans.

Your Guide to Implementing a Zero Trust Network Architecture

Thanks to a continuous onslaught of nation-state cyberattacks, exploited vulnerabilities and ransomware, the term Zero Trust has been thrust into t...

South Carolina Real Estate Developer Future-Proofs New HQ

When The Beach Company decided to relocate and modernize it’s headquarters at The Jasper in downtown Charleston, is was clear the only ones to comp...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!
Sharp Microsoft Collaboration HQ Logo

Learn More About the
Windows Collaboration Display

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales