With the onset of the holiday season, employees, especially in the West, take off on the much-awaited annual leave and head home for family vacations. It is also the time when threat actors wait for their annual bounty. With holiday fever at its peak and organizations in “out of office” mode, cybercriminals continue to be in “active mode.”
In a joint alert, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are alerting all organizations – big or small – and critical infrastructure partners that malicious actor groups are in full fire to launch premeditated cyberattacks during the holiday season.
“Recent history tells us that this could be a time when these persistent cyber actors halfway across the world are looking for ways — big and small — to disrupt the critical networks and systems belonging to organizations, businesses, and critical infrastructure,” the alert said.
Friendly reminder to remain vigilant to #ransomware and other cyber threats this holiday season. Cybercriminals don’t take off days! Follow our tips in our joint release with the @FBI: https://t.co/gFmiRTR2rK #StopRansomware https://t.co/KRnPXhNwaJ
— Cybersecurity and Infrastructure Security Agency (@CISAgov) November 24, 2021
Tessian researchers reveal that almost two-thirds (64%) of the top couriers are at risk of having their domains impersonated by scammers, as their email domains are not sufficiently protected against phishing, spoofing, or fraud. What’s more, only 20% of the top global couriers have configured DMARC (Domain-based Message Authentication, Reporting & Conformance) to its highest security level.
The FBI and CISA have stringent advice for organizations, especially critical infrastructure and services, to assess the current security posture and implement best practices and mitigations to attenuate the threat posed by cyberattacks this festive season.
CISA and the FBI Recommend
- Identify IT, security employees, for weekends and holidays who would be available to surge during these times in the event of an incident or ransomware attack.
- Implement multi-factor authentication for remote access and administrative accounts.
- Mandate strong passwords and ensure they are not reused across multiple accounts.
- If you use remote desktop protocol (RDP) or any other potentially risky service, ensure it is secure and monitored.
- Remind employees not to click on suspicious links and conduct exercises to raise awareness.
Caroline Wong, Chief Strategy Officer at Cobalt, opines, “Cybercriminals don’t take off for Thanksgiving holidays, and neither should your cybersecurity safety measures. To combat malicious attackers, business leaders should heed CISA’s warning and proactively search their systems for potential security vulnerabilities now before it’s too late. Year-round preventative security measures go a long way. It’s simple — you must identify your assets, find your security problems, and promptly fix those security problems. This will protect you when cybersecurity incidents occur, whether during the holidays or not.”
“People are expected to receive a lot of packages during the holiday season – and hackers take advantage of this by pretending to be FedEx, UPS, and Amazon, to trick victims into giving them personal information that they can use for personal gain. Remain vigilant to avoid falling prey to malicious actors’ ploys.”
Watch Out For
- Phishing scams, such as unsolicited emails posing as charitable organizations.
- Fraudulent sites spoofing reputable businesses — it is possible malicious actors will target sites often visited by users doing their holiday shopping online.
Being vigilant is imperative and not a choice. It is important to closely monitor your security posture before signing off for the season.