FBI And CISA Ring Holiday Ransomware Alarm And Urge Immediate Safety Precautions

This is the time of year for giving thanks, munching on fried turkey (you are frying it, right?) and delicious side dishes, and shopping bargains on gaming laptops, TVs, and everything else. It's also when ransomware and other digital crooks ramp up their efforts to ruin the holidays. As such, the Federal Bureau of Investigation (FBI) and US Cybersecurity and Infrastructure Security Agency (CISA) issued a joint statement urging critical infrastructure partners to be on high alert.

According to the joint notice, recent history indicates this is a time of year when foreign cyber-actors look for ways to disrupt critical networks and systems. These can be smaller or bigger efforts, with hackers taking aim at organizations, businesses, and various infrastructure. The FBI and CISA say organizations should be proactive against these threats, and in particular ransomware.

"While we are not currently aware of a specific threat, we know that threat actors don’t take holidays," CISA director Jen Easterly said in a statement. "We will continue to provide timely and actionable information to help our industry and government partners stay secure and resilient during the holiday season. We urge all organizations to remain vigilant and report any cyber incidents to CISA or FBI."

Despite the lack of a specific threat, the agencies say trends over the course of this year indicate hackers increase their level of ransomware attacks during holidays and weekends, such as Mother's Day weekend and Independence Day.

As the holidays approach, the FBI and CISA are urging companies to audit their security and mitigation practices, and to take specific actions to avoid the looming threat. Those actions include...
  • Identify IT security employees for weekends and holidays who would be available to surge during these times in the event of an incident or ransomware attack.
  • Implement multi-factor authentication for remote access and administrative accounts.
  • Mandate strong passwords and ensure they are not reused across multiple accounts.
  • If you use remote desktop protocol (RDP) or any other potentially risky service, ensure it is secure and monitored.
  • Remind employees not to click on suspicious links, and conduct exercises to raise awareness.
The agencies also recommended staying on top of other potential threats, including phishing scams, fake sites spoofing reputable businesses, and unencrypted financial transactions. These are all things organizations should constantly be on the lookout for, but hey, a reminder during what could be a peak hacking season doesn't hurt.