US govt warns critical infrastructure of ransomware attacks during holidays

US CISA and the FBI issued a joint alert to warn critical infrastructure partners and public/private organizations of ransomware attacks during holidays.

The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI warn critical infrastructure partners of ransomware attacks during the holiday season.

During this period offices are often closed and employees are at home, for this reason, their organizations are more exposed to ransomware attacks. Both agencies haven’t identified any specific threats, but recent trends let them into believing that threat actors could launch impactful ransomware attacks during holidays and weekends, including Independence Day and Mother’s Day weekends.

Below is the list of actions recommended by the agencies to increase the level of security of their infrastructure:

• Identify IT security employees for weekends and holidays who would be available to surge during these times in the event of an incident or ransomware attack.
• Implement multi-factor authentication for remote access and administrative accounts.
• Mandate strong passwords and ensure they are not reused across multiple accounts.
• If you use remote desktop protocol (RDP) or any other potentially risky service, ensure it is secure and monitored.
• Remind employees not to click on suspicious links, and conduct exercises to raise awareness.

Government experts also warn of other malicious activities such as phishing scams, fraudulent sites spoofing reputable businesses, and unencrypted financial transactions.

“Finally—to reduce the risk of severe business/functional degradation should your organization fall victim to a ransomware attack—review and, if needed, update your incident response and communication plans. These plans should list actions to take—and contacts to reach out to—should your organization be impacted by a ransomware incident.” concludes the alert.

In August, the FBI and CISA issued a similar alert, titled “Ransomware Awareness for Holidays and Weekends,” to warn organizations to keep high their defenses against ransomware attacks during weekends or holidays.

The FBI and CISA recommend organizations conduct threat hunting on their networks aimed at searching for any signs of threat actor activity to prevent attacks before they occur or to minimize the impact of successful attacks.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, ransomware)

[adrotate banner=”5″]

[adrotate banner=”13″]