My TechDecisions

IT Infrastructure, Network Security, News

U.S. Agencies: Lookout for Cyberattacks During Holiday Break

FBI and CISA urge organizations to take several actions leading up to the Thanksgiving holiday to proactively protect themselves against cyberattacks.

Leave a Comment

Rransomware Encryption Speed
Andrey Popov/stock.adobe.com

Organizations should be on the lookout this holiday season as cybercriminals have shown an increased willingness to launch cyberattacks on organizations on U.S. holidays, federal agencies warn.

In a joint announcement, the FBI and U.S. Cybersecurity and Infrastructure Security Agency (CISA) warn critical infrastructure operators and other organizations to take several actions leading up to Thanksgiving holiday to proactively protect themselves against cyberattacks, including ransomware.

This warning comes in a year that has seen cyberattacks escalate to never-before-seen proportions, many of which have occurred when corporate offices empty for the holidays. That includes the July 4th weekend ransomware supply chain attacks that leveraged the Kaseya VSA platform and its managed service provider customers.

Colonial Pipeline was also hit with a massive ransomware attack over Mother’s Day weekend that crippled the pipeline – and much of the East Coast’s natural gas supply and gas prices – for several days.

The agencies didn’t identify specific threats, but pointed to those recent examples of why organizations must take proactive steps to securing their organization when our attention is focused elsewhere.

Those steps include:

  • Identifying IT security employees for weekends and holidays who would be available to surge during these times in the event of an incident or ransomware attack.
  • Implementing multi-factor authentication for remote access and administrative accounts.
  • Mandating strong passwords and ensure they are not reused across multiple accounts.
  • If you use remote desktop protocol (RDP) or any other potentially risky service, ensure it is secure and monitored.
  • Reminding employees not to click on suspicious links, and conduct exercises to raise awareness.

The agencies also urge organizations to be on the lookout for typical holiday-related cybercrime, including phishing scams and emails posing as charitable organizations, fake websites spoofing reputable businesses and hackers taking advantage of unencrypted financial transactions.

Organizations should also review their incident response and communication plans, and consult CISA’s Ransomware Awareness for Holidays and Weekends advisory for additional guidance on cybersecurity best practices and preventing ransomware.

Reader Interactions

Leave a Reply

Your email address will not be published.

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Latest Downloads

Windows 11
Blueprint Series: Upgrading to Windows 11

Upgrading end users to Windows 11 could be one of the most challenging tasks IT has to face in the coming years. Although the new version is touted...

The State of the IT Department in 2022

The role of the IT professional has shifted from one that supports the business to one that is deserving of a seat at the table when it comes to ma...

Hybrid Work Challenges
The Three Most Common Hybrid Work Challenges Two Years Into the Pandemic

Many of us have been working in a hybrid environment for two years now. Our editors thought this would be a good time to take a look at what’s work...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!
Sharp Microsoft Collaboration HQ Logo

Learn More About the
Windows Collaboration Display

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ