Take These Steps Now to Reduce Labor Day Cybersecurity RiskSeptember 2, 2021 | Shari Claire Lewis |
On August 31, 2021, the FBI and CISA (Cybersecurity and Infrastructure Security Agency) issued Alert AA21-243A, warning that there is an increased risk to U.S. entities of an “impactful ransomware attack” over Labor Day Weekend. A summary of the risk and suggested steps to address it can be found at https://us-cert.cisa.gov/ncas/current-activity/2021/08/31/fbi-cisa-advisory-ransomware-awareness-holidays-and-weekends. The Alert can be read, in its entirety at https://us-cert.cisa.gov/ncas/alerts/aa21-243a.
The FBI and CISA are unaware of any specific threats of a Labor Day attack. However, they issued the Alert based on the recent spate of significant cyberattacks against U.S. entities that have occurred on holiday weekends, including on Mother’s Day, Memorial Day and the Fourth of July of 2021. Bad actors may view holiday weekends as attractive times to target small and large businesses because, during these time periods, IT support, network defenders and businesses in general operate at limited capacity.
The Alert provides an analysis of recent ransomware trends. For example, the attacks are most frequently accomplished using “phishing” or “brute forcing” of unsecured remote desktop protocol (RDP) endpoints. The Alert also suggests that entities engage in “preemptive threat hunting,” as a long-term, pre-emptive strategy to prevent attacks.
Most importantly, the Alert provides links to useful information concerning “Immediate Actions You Can Take Now to Protect Against Ransomware.” FBI-CISA recommend the following steps, be deployed now:
- Make an official backup of entity data;
- Do not click on suspicious links;
- Secure and monitor use of RDP;
- Update operating systems and software;
- Require use of strong passwords; and
- Enable multi-factor authentication.
Taking these actions before leaving for the Labor Day weekend will help your organization manage the immediate cyber risk. After the holiday, it may be time to consider the other tactics discussed in the Alert, and whether it is time for your business’s cyber practices and policies to be updated in collaboration with management, IT, staff, outside cyber consultants and legal counsel.
- Shari Claire Lewis