The U.S. Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation issued a reminder this week to critical infrastructure partners that bad actors are unlikely to take a break for the holiday season.
Although neither CISA nor the FBI has identified any specific looming threats, they noted that previous incidents over U.S. holidays have set a concerning precedent.
“Recent history tells us that this could be a time when these persistent cyber actors halfway across the world are looking for ways – big and small – to disrupt the critical networks and systems belonging to organizations, businesses and critical infrastructure,” said the agencies in a joint bulletin.
WHY IT MATTERS
As CISA and the FBI pointed out, holidays such as Thanksgiving often mean offices are closed, and security professionals may be less attentive. Still, they said, organizations can take several actions to proactively protect against cyberattacks.
They recommended that all entities, especially critical infrastructure partners, implement best practices, including:
- Identifying IT security employees for weekends and holidays who would be available to surge during these times in the event of an incident
- Implementing multi-factor authentication for remote access and administrative accounts
- Mandating strong passwords and ensuring they are not reused across multiple accounts
- Ensuring Remote Desktop Protocol (RDP) is secure and monitored
- Reminding employees not to click on suspicious links, and conducting exercises to raise awareness
The agencies also urged organizations to stay vigilant against known cybercrime techniques, such as phishing scams, fraudulent sites spoofing reputable businesses and unencrypted financial transactions.
“Finally – to reduce the risk of severe business/functional degradation should your organization fall victim to a ransomware attack – review and, if needed, update your incident response and communication plans,” said the agencies, directing organizations to ransomware awareness resources regarding holidays and weekends. “These plans should list actions to take – and contacts to reach out to – should your organization be impacted by a ransomware incident.”
THE LARGER TREND
This isn’t the first time CISA and the FBI have issued a holiday ransomware warning.
Before Labor Day weekend, the agencies raised similar concerns, pointing to attacks on critical infrastructure on Mother’s Day, Memorial Day and Independence Day.
It also seems, however, that hackers need no special occasion to cause a ruckus. This year has seen a rise in cyberattacks and data breaches in the healthcare sector, with more than 40 million patient records compromised by incidents reported to the federal government in 2021.
ON THE RECORD
“As Americans prepare to hit the highways and airports this Thanksgiving holiday, CISA and the FBI are reminding critical infrastructure partners that malicious cyber actors aren’t making the same holiday plans as you,” said the agencies in the bulletin.