Real World Risk Management Practical HR Resources
welcome
Are you a new user?
REGISTER HERE





RETRIEVE PASSWORD

The Holiday Season Is Approaching: Are Cyber Attacks More or Less Likely?

The Federal Bureau of Investigation (FBI) and the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) recently warned organizations to stay vigilant against cyberattacks on holidays.

The agencies stated that they have "observed an increase in highly impactful ransomware attacks occurring on holidays and weekends — when offices are normally closed — in the United States, as recently as the Fourth of July holiday in 2021."

According to the head of Cybersecurity Strategy at VMware, cybercriminals are "well aware" that organizations task "skeleton crews" with protecting their networks during weekends, holidays, and major events like the Super Bowl.

An affiliate of the "REvil" cyber gang committed the largest ransomware attack in history against the software company Kaseya at the beginning of the Fourth of July holiday weekend.

Similarly, Russian-associated cyber criminals attacked the meat processor JBS with ransomware on Memorial Day weekend, which led the organization to pay an $11 million ransom.

Colonial Pipeline paid a $4.4 million ransom after DarkSide forced it to shut down operations in a ransomware attack preceding Mother's Day weekend. The FBI later recovered $2.3 million of the ransom from the Russian-based hacking group.

Following that incident, the Transportation Security Administration (TSA) began requiring pipeline owners and operators to designate "a 24/7, always available cybersecurity coordinator," such as a chief security officer, who can coordinate with the TSA and CISA if a cyberattack occurs on a weekend or holiday. However, many other critical infrastructure sectors do not have such a mandate.

The joint advisory also stated that the ransomware gangs most frequently reported to the FBI during Aug. 2021 were Conti, PYSA, LockBit, RansomEXX/Defray777, Zeppelin, and Crysis/Dharma/Phobos.

The FBI and CISA recommend that organizations backup data offline, avoid clicking on suspicious links, update their software, and use strong passwords and multi-factor authentication to protect their networks. Nicole Sganga "Feds warn organizations not to take a cyber vacation after high-profile hacking on holidays" cbsnews.com (Sep. 1, 2021).

Commentary

Organizations should modify their cybersecurity plan to make sure that their network stays secure at all times, including holidays and weekends.

Implement technological protections to monitor your network for suspicious activity. At least one IT employee must be on-call on holidays and weekends to respond immediately if your system detects a possible breach.

Remind employees to follow cybersecurity best practices at all times, including on the weekend and when on vacation. Stress the importance of only using an encrypted, secure internet connection if they must log into the network when away from the office.

Finally, your opinion is important to us. Please complete the opinion survey:

Lax Password Practices Continue To Put Employers At Risk

Employees continue to ignore best practices for protecting and selecting passwords. What can be done to change the pattern?

read more

Employee Training Continues To Be The Best Medicine For Ransomware Exposure Prevention

A recent cybersecurity report shows how ransomware has become the most significant malware threat. Read how employee training is your best prevention tool.

read more

The Right And Wrong Way To Monitor Employee Internet Use

A recent announcement creates controversy over privacy rights. Employers often use technology to monitor employees. However, they must do so wisely. Read more.

read more

Why Implementing "Zero-Trust Principles" Can Help Prevent Credential Hijacking

With cybercriminals relying less on malware, organizations must protect their networks, devices, and data with zero-trust security. Learn more.

read more