Cybercriminal

CISA, FBI Advise Organizations to Remain Alert to Ransomware During Holiday Weekends

The Cybersecurity and Infrastructure Security Agency and the FBI has advised organizations to remain alert to ransomware during holidays, including the forthcoming Labor Day.

CISA said organizations should perform preemptive threat hunting on their networks and other mitigation steps during the days leading up to holidays and weekends.

While the agencies do not have cyberthreat information for the upcoming dates, they have recorded increasingly impactful ransomware attacks against U.S. entities on or around holiday weekends over the last several months.

CISA said in its guidance that cybercriminals see holiday weekends as especially attractive timeframes to target both small and large businesses.

Eric Goldstein, CISA executive assistant director for cybersecurity, said ransomware is a critical threat to the United States but is not insurmountable.

“With our FBI partners, we continue to collaborate daily to ensure we provide timely, useful and actionable advisories that help industry and government partners of all sizes adopt defensible network strategies and strengthen their resilience,” Goldstein added.

CISA discouraged companies from paying the ransom, especially because doing so does not guarantee that data will be recovered.

Whether or not the organization pays the ransom, it should still report the incident to CISA or the local FBI office, according to the guidance.

CISA’s alert also contains steps tailored to organizations unfamiliar with the cyberthreat hunting method. The guidance explains the basic elements of the best practice and highlights the benefits of using a proactive strategy.

The document also contains the basics of cyber hygiene, including keeping operating systems up to date, scanning for vulnerabilities, using strong passwords, using multi-factor authentication, implementing network segmentation, securing user accounts and having an incident response plan.