My TechDecisions

IT Infrastructure, Network Security, News

U.S. Agencies: Lookout for Cyberattacks During Holiday Break

FBI and CISA urge organizations to take several actions leading up to the Thanksgiving holiday to proactively protect themselves against cyberattacks.

Leave a Comment

Andrey Popov/stock.adobe.com

Organizations should be on the lookout this holiday season as cybercriminals have shown an increased willingness to launch cyberattacks on organizations on U.S. holidays, federal agencies warn.

In a joint announcement, the FBI and U.S. Cybersecurity and Infrastructure Security Agency (CISA) warn critical infrastructure operators and other organizations to take several actions leading up to Thanksgiving holiday to proactively protect themselves against cyberattacks, including ransomware.

This warning comes in a year that has seen cyberattacks escalate to never-before-seen proportions, many of which have occurred when corporate offices empty for the holidays. That includes the July 4th weekend ransomware supply chain attacks that leveraged the Kaseya VSA platform and its managed service provider customers.

Colonial Pipeline was also hit with a massive ransomware attack over Mother’s Day weekend that crippled the pipeline – and much of the East Coast’s natural gas supply and gas prices – for several days.

The agencies didn’t identify specific threats, but pointed to those recent examples of why organizations must take proactive steps to securing their organization when our attention is focused elsewhere.

Those steps include:

  • Identifying IT security employees for weekends and holidays who would be available to surge during these times in the event of an incident or ransomware attack.
  • Implementing multi-factor authentication for remote access and administrative accounts.
  • Mandating strong passwords and ensure they are not reused across multiple accounts.
  • If you use remote desktop protocol (RDP) or any other potentially risky service, ensure it is secure and monitored.
  • Reminding employees not to click on suspicious links, and conduct exercises to raise awareness.

The agencies also urge organizations to be on the lookout for typical holiday-related cybercrime, including phishing scams and emails posing as charitable organizations, fake websites spoofing reputable businesses and hackers taking advantage of unencrypted financial transactions.

Organizations should also review their incident response and communication plans, and consult CISA’s Ransomware Awareness for Holidays and Weekends advisory for additional guidance on cybersecurity best practices and preventing ransomware.

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

Latest Downloads

Practical Design Guide for Office Spaces
Practical Design Guide for Office Spaces

Recent Gartner research shows that workers prefer to return to the office for in-person meetings for relevant milestones, as well as for face-to-fa...

New Camera Can Transform Your Live Production Workflow
New Camera System Can Transform Your Live Production Workflow

Sony's HXC-FZ90 studio camera system combines flexibility and exceptional image quality with entry-level pricing.

Creating Great User Experience and Ultimate Flexibility with Clickshare

Working and collaborating in any office environment today should be meaningful, as workers today go to office for very specific reasons. When desig...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ