With the holiday season on the horizon, CISA and FBI suggest organizations stay vigilant to not fall victim to cyber-attacks.
As the world prepares for upcoming holidays, CISA and the Federal Bureau of Investigation (FBI) have issued a reminder for critical infrastructure partners that threat actors are unlikely to have the same holiday plans as them.
Even though neither of the institutions has identified any threats that should be a concern, they stated that malicious actors are more likely to capitalize on this given opportunity as per recent events. If not taken specific precautions, these partners have a higher chance of suffering through a ransomware attack. “Ransomware has been a constant cybersecurity threat to organizations for many years,” says Breet Sleeper, Data Security Product Marketing Manager, HelpSystems, a provider of IT management software and service providers. He adds, “The tools are used to gain access to systems or networks with the objective of stealing or locking down sensitive data. The perpetrators then demand a ransom for its safe return, with many threatening to release the data into the public domain or destroy it if the ransom is not paid. Organizations that fall victim to ransomware attacks will often face weeks of costly disruption and unwanted publicity.”
Also Read: Steps Businesses Can Take to Stay Secure During the Holiday Season
Another industry expert Mieng Lim, VP of product management at Digital Defense by Help Systems, states, “Ransomware threats are constantly evolving. From the commoditization of ransomware through the recent availability of as-a-service tools to increasingly sophisticated attack strategies, it is a threat landscape that demands constant monitoring and education from organizations and governments alike. This is perfectly illustrated by the new strain of ransomware discovered by Sophos this week.”
Given the critical nature of the situation, there are certain actions that organizations should take to protect themselves against cyber-attacks such as ransomware during the upcoming holiday season.
FBI and CISA urge all the organizations, especially in the critical infrastructure industries, to examine their current cybersecurity posture while implementing best practices and mitigations to manage risks that are posed by cyber threats. A few steps that organizations should take to secure their infrastructure are:
- Adopt multi-factor authentication (MFA) for remote access and administrative accounts.
- Make it necessary for employees to create strong passwords and ensure that they will not be used across multiple accounts.
- Advise employees not to click on suspicious links while conducting exercises to increase awareness.
In addition, CISA and FBI suggest organizations maintain vigilance against various techniques such as phishing scams and fraudulent sites and unencrypted financial transactions cybercriminals utilize to gain access to networks.
Also Read: Moving on From Legacy OT Enterprise Applications
Breet Sleeper suggests that organizations should improve awareness in tackling attacks such as ransomware. “As ransomware is often delivered through email, employees should be educated on what to look out for and understand the dangers of clicking on unsolicited links or opening attachments,” says Breet Sleeper. He adds, “However, even with training in place, employees may still inadvertently trigger an attack, which is why it’s critical to have technology that prevents ransomware from reaching your organization in the first place.”
“Email security solutions that automatically detect and remove malicious content or active code buried deep in attachments can neutralize threats before they do any harm. Organizations can also make sure that vulnerabilities in systems, software and applications are minimized by keeping them patched and up to date. These countermeasures will help ensure an organization’s defense against ransomware is more resilient and robust, and that its data is well protected.”
Mieng Lim advocates that the first step in building an effective ransomware mitigation strategy is to set realistic expectations. She states that ransomware breaches are no longer fully preventable, so businesses must focus on layering defensive barriers between an attacker and their most sensitive data.
“Running regular penetration testing and vulnerability scanning can help an organization identify and repair possible attack vectors, closing backdoors before an attacker can enter them and minimizing an attacker’s ability to escalate their privileges once inside the system,” says Mieng Lim. She says, “However, for any organization looking to improve its cyber threat response time, threat detection tools are a must.
“Network Traffic Analysis (NTA) works to monitor a network for any suspicious activity, detecting ransomware breaches and infection as quickly as possible. On top of these, active threat scans can give the organization peace of mind. If a breach is spotted, it is important to reassess the state of the IT environment to ensure that there isn’t a repeat attack. Unfortunately, we live in an era where preventing 100% of cyber risks is no longer possible, but constant vigilance, ongoing-cyber threat education, and well-planned threat detection and response strategy will go a long way towards keeping your organization’s most sensitive data safe.”
For more such updates follow us on Google News ITsecuritywire News
