The US Federal Bureau of Investigation (FBI) and the US Cybersecurity and Infrastructure Security Agency (CISA) issued a joint advisory cautioning critical infrastructure personnel to remain vigilant against cyber security threats during holidays and adjacent weekends. While specific threats have not yet been identified by the agencies, recent history in 2021 shows that threat actors actively target holidays and weekends, such as Independence Day and Mother’s Day, for launching ransomware.
In addition to maintaining general cybersecurity awareness and maintaining vigilance against social engineering techniques such as phishing scams, fraudulent email from spoofed or compromised trusted parties, unencrypted financial transactions, and unapproved Multi Factor Authorization (MFA) attempts, the advisory recommends organizations:
- Identify IT security employees for weekends and holidays who would be available to surge during these times in the event of an incident or ransomware attack.
- Implement multi-factor authentication for remote access and administrative accounts.
- Mandate strong passwords and ensure they are not reused across multiple accounts.
- If you use remote desktop protocol (RDP) or any other potentially risky service, ensure it is secure and monitored.
- Remind employees not to click on suspicious links, and conduct exercises to raise awareness.
- Review and update incident response and disaster planning, including communication procedures.