CISA & FBI Releases Ransomware Awareness for Holidays and Weekends
The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have warned of a rise in holiday and weekend related ransomware attacks. The reason: They can catch businesses by surprise and cause major damage. holiday ransomware awareness report.
FBI experts observed that hackers were especially active during holidays when offices are typically closed. Specifically, the FBI observed an uptick in ransomware attacks over the Fourth of July holiday in 2021.
The report stated: “The FBI and CISA do not currently have any specific threat reporting indicating a cyberattack will occur over the upcoming Labor Day holiday. However, the FBI and CISA are sharing the below information to provide awareness to be especially diligent in your network defense practices in the run up to holidays and weekends, based on recent actor tactics, techniques, and procedures (TTPs) and cyberattacks over holidays and weekends during the past few months,”“The FBI and CISA encourage all entities to examine their current cybersecurity posture and implement the recommended best practices and mitigations to manage the risk posed by all cyber threats, including ransomware.”
The FBI and CISA recommend that companies take necessary precautions to prevent ransomware attacks. The best way to hunt for hackers on your network is to engage in threat hunting. Hackers are often undetected on a network for a long time before they shut it down.
The report recommended that organizations establish a baseline of their IT environment’s normal activity to detect any deviations. It also recommended reviewing data logs, placing honeytokens throughout the environment, and using intrusion prevention systems and automated security alerts.
Suspicious activity includes unusual inbound and outbound traffic, theft of passwords, geographical access irregularities, and attempts to access folders on servers that are not linked to the HTML within the pages of the server. The FBI and CISA urge organizations to take the following immediate actions to protect themselves against ransomware:
- Create a offline backup of your data.
- Do not click on suspicious links.
- Only use RDP behind a client to site VPN.
- Make sure your computers OS and Software is updated.
- Use strong passwords.
- Use multi-factor authentication.
The report also urges companies to prepare for a cyberattack by developing an incident response plan. Such a plan will also help prevent further damage from the attack.