With the holidays approaching, federal officials are again warning organizations of all sizes to be on the lookout for cyberattacks and to be especially vigilant as offices empty and attention is turned elsewhere.
These warnings from the White House, U.S. Cybersecurity and Infrastructure Security Agency(CISA), and the FBI come as IT teams and vendors scramble to patch the Log4j vulnerabilities and apply patches to fix several critical vulnerabilities in Microsoft products.
Major IT vendors such as IBM, VMWare, Cisco and a host of others have released security patches over the last several days, and more are expected to come leading into the holidays. What makes patching these systems even more important is the fact that ransomware groups and nation-state actors are now beginning to leverage their sophisticated tools and techniques to exploit the vulnerabilities, Microsoft said in a new blog.
That comes as IT pros are also applying monthly security patches from Microsoft, Adobe, Google and Apple.
In advisories to corporate executives and business leaders, the White House and CISA urge organizations to apply those patches before IT and cybersecurity staff take time off, leaving just a fraction of support staff to keep an eye on security over the upcoming break.
In addition to applying patches, White House and CISA urge organizations to take several steps to reduce the risk of a cyberattack during the holiday season, including:
- Patching all systems to ensure criminals can’t exploit know vulnerabilities.
- Gaining visibility into the network. The White House recommends enabling logging, paying attention and quickly investigating irregularities.
- Mandating multi-factor authentication and password security. IT should mandate good password hygiene, which includes not using the same password across accounts and requiring regular changes. Most of all, organizations should adopt multi-factor authentication to help prevent unauthorized access to corporate accounts.
- Make sure you have IT coverage during the holidays. The White House advises organizations to make sure someone is always paying attention to the network, and IT security personnel should be on-call in the event of a cyberattack.
- Increase employee awareness. IT can’t do it all themselves, so the government urges organizations to conduct regular training and awareness campaigns with end users.
- Develop an incident response plan and test it. Conduct incident response training leading up to the holidays so staff will know exactly what to do in the event of a cyberattack over the holidays.
- Back up data. Back up systems before the holiday break, test them and make sure they are offline.
- Stay informed about current cyber threats. There is no shortage of headlines about cybersecurity, so make sure staff are keeping up with that news and staying on top of current trends.
It’s important to note that several recent large-scale cyberattacks have occurred over long holiday weekends, including the July 4th ransomware campaign that leveraged a vulnerability in the Kaseya VSA platform and the Colonial Pipeline ransomware attack that took place over Mother’s Day weekend.