CISA Warns About the Ransomware Risk During the Upcoming Labor Day Holiday

  • CISA tries to warn organizations of the high possibility of dealing with a ransomware infection during Labor Day.
  • Malicious actors love to move during the weekend, and the date of this holiday makes up the “perfect storm”.
  • Even at the last minute, developing a response plan could help avert large amounts of losses and trouble.

On Monday, September 6, 2021, the United States will celebrate Labor Day, the federal holiday to honor and recognize the workers’ movement and the laborers' contribution to the country's greatness. As with all holidays, everything will be working on emergency personnel, which means having understaffed IT teams on agencies and organizations. Ransomware actors see this as an excellent opportunity to launch attacks, and as CISA’s (Cybersecurity and Infrastructure Security Agency) latest alert underlines the fact and warns about the risks.

While the CISA and the FBI clarify that they don’t have any specific intelligence on an upcoming cyberattack during the Labor Day holiday, it is considered a very high possibility based on the standard actor tactics and procedures followed during other holidays and weekends the past couple of months. This is further worsened by the fact that Labor Day is on a Monday, and also during a period when a respectable number of people chose to get their holiday.

As such, everyone is urged to update their software tools and OS, and scan their network for vulnerabilities, use MFA everywhere, implement network segmentation, make offline backups of important data, and develop an incident response plan, even if we’re only days away from the holiday. If something bad begins to unfold, the infected systems should be isolated, and all computers in the network should be turned off immediately.

Bill O’Neill, Vice President of Public Sector at ThycoticCentrify, told us:

It’s all too common that the majority of these attacks happen during the holidays, often leading to a delayed response from an unprepared ‘skeleton crew’ that simply doesn’t have the resources to simultaneously monitor for and deter threats. Of the threats that will be monitored, trigger automatic alerts, and enforce certain lockdowns, most will still require human action for mitigation and additional security controls. And because most organizations would prefer to have their data released immediately rather than wait out the duration of a holiday weekend (and incur continued reputational damage), they’re also more likely to negotiate with attackers and pay out the requested ransom to minimize long term risks associated with these attacks.

Obviously, the solution can’t be to force all IT team members to denounce Labor Day and have them work, but treating the chance of a ransomware attack as certainty is changing the stance of the defenders. This is what CISA’s alert is going for, and it contains links to various resources and guides on how to properly shield systems against these actors.

Finally, it is important to note that many ransomware actors have a presence in the systems long before they encrypt the files locally, so there are many groups out there that already have access to corporate networks and just wait for September 6 to initiate the encryption process. To figure out if you have an intrusion, check the logs for unusual network communications or increased CPU and disk activity.

Latest
How to Watch European Beach Volleyball Championships 2022 Online From Anywhere
The 2022 European Championships are in full swing, and the European Beach Volleyball Championships are about to reach crunch time. With 128...
How to Watch Homicide Hunter: Never Give Up Online From Anywhere
Lt. Joe Kenda enthralled audiences with tales from the hundreds of murder cases he investigated throughout the 9 seasons of Homicide Hunter....
How to Watch Hotties Online From Anywhere: Stream the Blind Date Food Competition Series
If you like blind date reality shows as much as cooking competitions and extremely spicy food, you'll most probably love this new...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari
[class^="wpforms-"]
[class^="wpforms-"]
[class^="wpforms-"]
[class^="wpforms-"]