News &
Information

Why A Balanced Approach Of Response And Preparation Is Needed For Data Security

A recent study found that IT personnel recognize how proactive risk assessment steps can minimize damage from a systems breach. However, do they have the time? Learn more.

Checking For Skimmers: A Day-To-Day Security Task

Performing visual and physical security checks can help you spot credit card skimmers. Learn more about this identity theft risk.

Online Account Takeover Fraud Spiking: Are Unique And Strong Passwords The Answer?

Account takeover fraud is on the rise. Read ways to protect yourself from this form of identity theft.

The Double-Whammy Threat Of Ransomware: Not Always About The Money

Many threat actors now incorporate data exfiltration extortion into their ransomware attacks. Learn more about ransomware attacks and data breaches.

The Holiday Season Is Approaching: Are Cyber Attacks More or Less Likely?

The Federal Bureau of Investigation (FBI) and the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) recently warned organizations to stay vigilant against cyberattacks on holidays.

The agencies stated that they have "observed an increase in highly impactful ransomware attacks occurring on holidays and weekends — when offices are normally closed — in the United States, as recently as the Fourth of July holiday in 2021."

According to the head of Cybersecurity Strategy at VMware, cybercriminals are "well aware" that organizations task "skeleton crews" with protecting their networks during weekends, holidays, and major events like the Super Bowl.

An affiliate of the "REvil" cyber gang committed the largest ransomware attack in history against the software company Kaseya at the beginning of the Fourth of July holiday weekend.

Similarly, Russian-associated cyber criminals attacked the meat processor JBS with ransomware on Memorial Day weekend, which led the organization to pay an $11 million ransom.

Colonial Pipeline paid a $4.4 million ransom after DarkSide forced it to shut down operations in a ransomware attack preceding Mother's Day weekend. The FBI later recovered $2.3 million of the ransom from the Russian-based hacking group.

Following that incident, the Transportation Security Administration (TSA) began requiring pipeline owners and operators to designate "a 24/7, always available cybersecurity coordinator," such as a chief security officer, who can coordinate with the TSA and CISA if a cyberattack occurs on a weekend or holiday. However, many other critical infrastructure sectors do not have such a mandate.

The joint advisory also stated that the ransomware gangs most frequently reported to the FBI during Aug. 2021 were Conti, PYSA, LockBit, RansomEXX/Defray777, Zeppelin, and Crysis/Dharma/Phobos.

The FBI and CISA recommend that organizations backup data offline, avoid clicking on suspicious links, update their software, and use strong passwords and multi-factor authentication to protect their networks. Nicole Sganga "Feds warn organizations not to take a cyber vacation after high-profile hacking on holidays" cbsnews.com (Sep. 1, 2021).

Commentary

Organizations should modify their cybersecurity plan to make sure that their network stays secure at all times, including holidays and weekends.

Implement technological protections to monitor your network for suspicious activity. At least one IT employee must be on-call on holidays and weekends to respond immediately if your system detects a possible breach.

Remind employees to follow cybersecurity best practices at all times, including on the weekend and when on vacation. Stress the importance of only using an encrypted, secure internet connection if they must log into the network when away from the office.

Finally, your opinion is important to us. Please complete the opinion survey: