FBI Warns Holidays To Be Critical For US Ransomware Attacks

FBI warns ransomware attacks will flare up over the holidays. (photo: doc. unsplash)

JAKARTA - On Monday, November 22, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) warned that cybercriminals might try to take advantage of the upcoming holidays, Thanksgiving and Christmas, to target companies, including critical infrastructure providers.

With employees on vacation and many offices understaffed, vacations are the ideal time to offend. “Recent history tells us that this could be a time when these persistent cyber actors elsewhere in the world are looking for ways, both large and small, to disrupt critical networks and systems belonging to organizations, businesses and critical infrastructure.” the agency said.

US officials are very concerned about hackers spreading ransomware to victims' networks. Malicious attacks are often designed to encrypt entire fleets of computers, which can cripple an organization's network. The same attack can also lead to the theft of confidential data, including company files and employee personal information.

"While neither the CISA nor the FBI currently identifies any specific threats, the recent 2021 trend shows malicious cyber actors launching serious and impactful ransomware attacks, over holidays and weekends, including Independence Day and Mother's Day weekends," the agency added.

The ongoing threat has prompted President Joe Biden's administration to make the fight against ransomware a national security priority. However, many of the hackers behind the attacks are thought to be based in Russia, a country that refuses to extradite suspects or criminals to the US.

As a result, US cyber authorities are warning all entities, especially critical infrastructure providers, to remain vigilant during the upcoming holidays. This includes assigning certain IT staff members to be on standby in case a ransomware attack occurs and implementing multi-factor authentication on all administrative accounts.

The agency also warns that phishing emails and fake websites from reputable businesses can often transmit ransomware infections.

In late August, the US also warned that hackers might use the Labor Day holiday to target organizations. A few days later, Howard University in Washington, DC was forced to cancel classes after a ransomware attack spread to the school's IT system.