My TechDecisions

IT Infrastructure, Network Security, News

U.S. Agencies: Lookout for Cyberattacks During Holiday Break

FBI and CISA urge organizations to take several actions leading up to the Thanksgiving holiday to proactively protect themselves against cyberattacks.

Leave a Comment

ransomware kit_Holiday Cyberattacks _John Oliver Ransomware
Andrey Popov/stock.adobe.com

Organizations should be on the lookout this holiday season as cybercriminals have shown an increased willingness to launch cyberattacks on organizations on U.S. holidays, federal agencies warn.

In a joint announcement, the FBI and U.S. Cybersecurity and Infrastructure Security Agency (CISA) warn critical infrastructure operators and other organizations to take several actions leading up to Thanksgiving holiday to proactively protect themselves against cyberattacks, including ransomware.

This warning comes in a year that has seen cyberattacks escalate to never-before-seen proportions, many of which have occurred when corporate offices empty for the holidays. That includes the July 4th weekend ransomware supply chain attacks that leveraged the Kaseya VSA platform and its managed service provider customers.

Colonial Pipeline was also hit with a massive ransomware attack over Mother’s Day weekend that crippled the pipeline – and much of the East Coast’s natural gas supply and gas prices – for several days.

The agencies didn’t identify specific threats, but pointed to those recent examples of why organizations must take proactive steps to securing their organization when our attention is focused elsewhere.

Those steps include:

  • Identifying IT security employees for weekends and holidays who would be available to surge during these times in the event of an incident or ransomware attack.
  • Implementing multi-factor authentication for remote access and administrative accounts.
  • Mandating strong passwords and ensure they are not reused across multiple accounts.
  • If you use remote desktop protocol (RDP) or any other potentially risky service, ensure it is secure and monitored.
  • Reminding employees not to click on suspicious links, and conduct exercises to raise awareness.

The agencies also urge organizations to be on the lookout for typical holiday-related cybercrime, including phishing scams and emails posing as charitable organizations, fake websites spoofing reputable businesses and hackers taking advantage of unencrypted financial transactions.

Organizations should also review their incident response and communication plans, and consult CISA’s Ransomware Awareness for Holidays and Weekends advisory for additional guidance on cybersecurity best practices and preventing ransomware.

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Latest Downloads

The State of Digital Signage & Video Wall Technology

Digital signs and video walls come in a variety of sizes, configurations and pixel pitches, but they share a common purpose: communicating information

Live Demo: Ensuring Excellent Hybrid Meetings Without Stressing IT Staff

Watch this live demo of AVI-SPL’s meeting room management software Symphony to learn how to ensure positive meeting outcomes and reduce the burden ...

Three Soft Skills IT Pros Need in 2022 and Beyond

Along with a deep understanding of new and emerging technologies and how to apply them to a business, IT professionals also need the requisite soft...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!
Sharp Microsoft Collaboration HQ Logo

Learn More About the
Windows Collaboration Display

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales