The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have warned companies in the United States of the heightened risk of cyberattacks over the Thanksgiving period.
Cyber threat actors are generally most active during holidays and weekends, since fewer IT and security staff are likely to be available to detect attempts to breach networks. Recent attacks have shown that holiday weekends are an ideal time for cyber threat actors; Las Vegas Cancer Center, one of the latest victims of this kind of attack, was hit on the Labor Day weekend.
The alert applies to all companies and businesses, but particularly to critical infrastructure companies. Cyber actors around the globe may choose the Thanksgiving break to carry out attacks that disrupt critical infrastructure and to conduct ransomware attacks.
CISA and the FBI are encouraging all entities to take steps to make sure risk is properly mitigated before the holiday weekend, so that they avoid becoming the next victim of a costly cyberattack.
Actions to take right away include evaluating existing cybersecurity solutions and making certain cybersecurity guidelines are being followed. Multi-factor authentication needs to be enabled on all remote and administrative accounts, default passwords must be changed, and strong passwords must be used on all accounts, with steps taken to make certain passwords are not reused elsewhere.
Remote Desktop Protocol (RDP) is frequently targeted by threat actors, as are other remote access tools. It is essential to make certain that RDP and remote access services are secured and that connections are monitored. If remote access is not necessary, these services must be turned off.
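One way to check RDP connections around a holiday weekend, as an added example that is not part of the CISA/FBI alert: it flags logons made on weekends or during the Thanksgiving break from a user and source address pair never seen on a normally staffed day. The CSV column names and all log rows are constructed for illustration.

```python
import csv
import io
from datetime import date, datetime, timedelta

# Constructed sample of RDP logons (for example, Windows Security event 4624
# with logon type 10) exported to CSV. Column names are assumptions.
SAMPLE_LOG = """\
timestamp,user,source_ip
2021-11-22T09:14:00,alice,10.0.4.21
2021-11-23T17:40:00,svc_backup,10.0.4.30
2021-11-25T03:12:00,alice,203.0.113.45
2021-11-26T14:05:00,bob,10.0.7.11
2021-11-27T23:51:00,svc_backup,198.51.100.7
2021-11-29T08:58:00,bob,10.0.7.11
"""

def thanksgiving(year):
    """US Thanksgiving: the fourth Thursday of November."""
    first = date(year, 11, 1)
    offset = (3 - first.weekday()) % 7  # Monday=0, Thursday=3
    return first + timedelta(days=offset + 21)

def in_reduced_staffing(ts):
    """True on weekends and from Thanksgiving Thursday through Sunday."""
    start = thanksgiving(ts.year)
    on_break = start <= ts.date() <= start + timedelta(days=3)
    return ts.weekday() >= 5 or on_break

def flag_rdp_logons(log_text):
    """Return reduced-staffing logons whose (user, source IP) pair never
    appears on a normally staffed day in the same log."""
    rows = list(csv.DictReader(io.StringIO(log_text)))
    for row in rows:
        row["ts"] = datetime.fromisoformat(row["timestamp"])
    baseline = {(r["user"], r["source_ip"])
                for r in rows if not in_reduced_staffing(r["ts"])}
    return [(r["timestamp"], r["user"], r["source_ip"])
            for r in rows
            if in_reduced_staffing(r["ts"])
            and (r["user"], r["source_ip"]) not in baseline]

if __name__ == "__main__":
    for hit in flag_rdp_logons(SAMPLE_LOG):
        print("review:", *hit)
```

The logon by `bob` on the Friday of the break is not flagged because the same pair also appears on a normal working day; in practice the baseline would come from a longer history than one week.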
Phishing is frequently used to gain access to systems. It is critical to tell workers to exercise care with email and never to click on suspicious URL links in emails or open attachments in unsolicited email messages. Phishing scams frequently spoof trusted entities such as non-profit organizations, popular brands, sellers, and colleagues. Phishing campaigns are conducted in large numbers at this time of year, targeting holiday season shoppers, particularly during Black Friday and Cyber Monday. Over the next couple of days, it is a good idea to run exercises to raise awareness of security threats.
All employees will probably want time off over the Thanksgiving weekend, but it is critical to identify IT security personnel who can be available to respond when a security incident or ransomware attack happens. Quick action can significantly reduce the severity and cost of a cyberattack.
It is also advisable to review and update incident response and communication plans to make sure they will be effective when a cyberattack occurs. This month, CISA released new cybersecurity incident and vulnerability response playbooks to provide federal civilian executive branch (FCEB) agencies with operational procedures for organizing and performing cybersecurity incident and vulnerability response activities; however, they can be used by all organizations to establish cybersecurity incident and vulnerability response strategies.
Mitigations and cybersecurity recommendations that can be implemented to reduce risk are detailed in the recently issued CISA advisory, Ransomware Awareness for Holidays and Weekends.