CISA: Ransomware Attacks Favor Holidays and Weekends



In preparation for Labor Day, a new alert from the U.S. Government’s Cybersecurity & Infrastructure Security Agency (CISA) warns of an increase in ransomware attacks.

If you were a ransomware threat actor looking for the perfect time to send out phishing emails, when would you send them? Sending them when offices are closed, when no one else is working and it’s not easy to validate the sender or their request, could be a profitable time for threat actors.

According to the latest alert from CISA, entitled Ransomware Awareness for Holidays and Weekends, this is exactly what they have been seeing since Mother’s Day in May of this year. The FBI’s Internet Crime Complaint Center (IC3) reported a massive 62% increase in the number of ransomware attacks when comparing January through July of this year with the same time last year.

In its alert, CISA makes the following recommendations:

  • Have offline copies of your backups
  • Secure and Monitor RDP (if being used)
  • Patch and scan for vulnerabilities
  • Use strong passwords
  • Use Multi-factor Authentication
  • Secure and segment your networks
  • Audit and secure user accounts
  • Have an incident plan
  • Implement Security Awareness Training to educate users to not click on malicious links or attachments

The alert does mention that “the FBI and CISA do not currently have any specific threat reporting indicating a cyberattack will occur over the upcoming Labor Day holiday. However, the FBI and CISA are sharing the below information to provide awareness to be especially diligent in your network defense practices in the run up to holidays and weekends, based on recent actor tactics, techniques, and procedures (TTPs) and cyberattacks over holidays and weekends during the past few months.”


Free Ransomware Simulator Tool

Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

KnowBe4’s "RanSim" gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 24 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.

Here's how it works:

  • 100% harmless simulation of real ransomware and cryptomining infections
  • Does not use any of your own files
  • Tests 25 types of infection scenarios
  • Just download the installer and run it
  • Results in a few minutes!

Get RanSim!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://www.knowbe4.com/ransomware-simulator

Topics: Ransomware


