US officials are telling American businesses and government organizations to take extra precautions against hackers this Thanksgiving following multiple ransomware attacks during previous holiday periods.
An advisory Monday from the FBI and US Cybersecurity and Infrastructure Security Agency (CISA) told organizations to identify key IT security employees who can be on call in the event of a ransomware attack. The advisory underscores how preparing for disruptive hacks has become a daily task for US companies and agencies after a series of high-profile ransomware attacks on critical American infrastructure this year.
“While we are not currently aware of a specific threat, we know that threat actors don’t take holidays,” CISA Director Jen Easterly said in a statement. “We urge all organizations to remain vigilant and report any cyber incidents to CISA or FBI.”
Ransomware gangs like to strike on the weekend or during holidays, when organizations are short-staffed and potentially off-guard. In one incident over the Fourth of July weekend, a criminal hacker breached Kaseya, a major US IT supplier, in a ransomware attack that affected up to 1,500 businesses around the world.
“[R]ecent 2021 trends show malicious cyber actors launching serious and impactful ransomware attacks during holidays and weekends, including Independence Day and Mother’s Day weekend,” CISA and the FBI said.
A study by security firm Cybereason of more than 1,200 security professionals working at organizations that have suffered a ransomware attack found that nearly a quarter of those surveyed still do not have specific contingency plans for dealing with ransomware attacks over holiday periods.
Ransomware isn’t the only consideration when it comes to holiday scams. CISA’s counterpart in the United Kingdom, the National Cyber Security Centre, issued its own warning Monday that cybercriminals had compromised customer payment information on 4,000 small business websites.
Other types of hacks have rattled US businesses during Thanksgivings past. Sony Pictures Entertainment discovered during the week of Thanksgiving in 2014 that hackers had stolen reams of data from the film studio and destroyed some company computers in the process. US officials later blamed North Korean hackers for the cyberattack.