23 November 2021

FBI and CISA warn of potential cyberattacks during holidays


FBI and CISA warn of potential cyberattacks during holidays

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released a joint advisory warning infrastructure partners and public and private sector organizations to stay vigilant during the holidays and don't let their guard down against ransomware attacks.

“As Americans prepare to hit the highways and airports this Thanksgiving holiday, CISA and the Federal Bureau of Investigation (FBI) are reminding critical infrastructure partners that malicious cyber actors aren’t making the same holiday plans as you. Recent history tells us that this could be a time when these persistent cyber actors halfway across the world are looking for ways—big and small—to disrupt the critical networks and systems belonging to organizations, businesses, and critical infrastructure,” the two agencies said.

Although neither CISA nor the FBI currently have identified any specific threats, the agencies urge organizations to take proactive measures to defend against cyberattacks, including to following:

  • Identify IT security employees for weekends and holidays who would be available to surge during these times in the event of an incident or ransomware attack.

  • Implement multi-factor authentication for remote access and administrative accounts.

  • Mandate strong passwords and ensure they are not reused across multiple accounts.

  • If you use remote desktop protocol (RDP) or any other potentially risky service, ensure it is secure and monitored.

  • Remind employees not to click on suspicious links, and conduct exercises to raise awareness

CISA and the FBI also recommend maintaining vigilance against the multiple techniques cybercriminals use to gain access to networks, such as phishing scams, fraudulent websites spoofing reputable businesses, and unencrypted financial transactions.

Back to the list

Latest Posts

Amid Pegasus scandal, Israel bans cyber software sales to 65 countries

Amid Pegasus scandal, Israel bans cyber software sales to 65 countries

Dropped countries include such countries as Morocco, Mexico, Saudi Arabia, or the UAE.
26 November 2021
CronRAT: New Linux malware that hides behind February 31 to stay undetected

CronRAT: New Linux malware that hides behind February 31 to stay undetected

The malware hides in the Linux calendar system and enables server-side Magecart data theft which bypasses browser-based security solutions.
26 November 2021
New malware campaign targets crypto, NFT and DeFi communities via Discord

New malware campaign targets crypto, NFT and DeFi communities via Discord

The Babadeda crypter is able to bypass signature-based antivirus solutions and was previously observed in malicious campaigns distributing RATs, and LockBit ransomware.
26 November 2021