There is a pattern here. Long holiday weekends make for ransomware attacks and data breaches. It is well-known that malicious actors take advantage of understaffed IT resources on holidays. In fact, it's become such a common occurrence, that the FBI and the Cybersecurity and Infrastructure Security Agency of the Department of Homeland Security have issued a joint advisory warning organizations to be on high alert as Labor Day weekend approaches.
Three major attacks in 2021 were conducted over holiday weekends: Mother's Day weekend saw the Colonial Pipeline ransomware attack; over Memorial Day weekend, hackers attacked the JBS SA meatpacking operations in the U.S., Canada, and Australia; and in the weekend leading up to the July 4th holiday, software vendor Kaseya suffered a massive attack that allowed malicious actors to launch ransomware attacks against some 1,500 businesses all over the world.
The FBI/CISA joint advisory urges businesses to be "especially diligent in your network practices" as this weekend approaches. The advisory also sets out precautionary measures that should be at the top of every list heading into the weekend, including the continuous and active monitoring for ransomware threats over the weekend and identifying IT security personnel to be "on call" in the event of a ransomware attack. Some other takeaways:
- Make an offline backup of data.
- Do not click on suspicious links.
- If you use potentially risky services - like Remote Desktop Protocol - secure and monitor logs and ensure that security features are enabled and properly configured.
- Update your operating system and software and scan for vulnerabilities
- Use strong passwords.
- Use multi-factor authentication.
- Secure your user accounts.
- Have an incident response plan.
Don't let the hackers have a holiday with your network and data.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.