In preparation for Labor Day, a new alert from the U.S. Government’s Cybersecurity & Infrastructure Security Agency (CISA) warns of an increase in ransomware attacks.
If you were a ransomware threat actor who wants to send out phishing emails at the perfect time, when would you send it? It might be suggested that sending emails when offices are closed and it’s not easy to validate the sender or their request – as no one else is working – could be a profitable time for threat actors.
According to the latest alert from CISA, entitled Ransomware Awareness for Holidays and Weekends, this is exactly what they’re seeing since Mother’s Day in May of this year. The FBI’s Internet Crime Complaint Center (IC3) reported a massive 62% increase in the number of ransomware attacks when comparing January through July of this year with the same time last year.
In their alert, CISA make the following recommendations:
- Have offline copies of your backups
- Secure and Monitor RDP (if being used)
- Patch and scan for vulnerabilities
- Use strong passwords
- Use Multi-factor Authentication
- Secure and segment your networks
- Audit and security user accounts
- Have an incident plan
- Implement Security Awareness Training to educate users to not click on malicious links or attachments
The alert does mention that “the FBI and CISA do not currently have any specific threat reporting indicating a cyberattack will occur over the upcoming Labor Day holiday. However, the FBI and CISA are sharing the below information to provide awareness to be especially diligent in your network defense practices in the run up to holidays and weekends, based on recent actor tactics, techniques, and procedures (TTPs) and cyberattacks over holidays and weekends during the past few months.”
Here's how it works:
