Ransomware attacks in the US spiked during all major holiday weekends this year, including Mother’s Day, Memorial Day, and the Independence day weekends. It looks like when employees are taking a break, ransomware gangs are getting to work.
The worrying trend has prompted the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI to issue an advisory to all US government and private organizations to stay alert in the upcoming Labour Day weekend for ransomware and other attacks.
The advisory outlines steps organizations should take to mitigate ransomware and other threats. The recommendations include performing threat hunting for signs of attackers, updating software, performing network segmentation, backing up data offline, and ensuring all remote access and administrative accounts have strong passwords and are protected with multi-factor authentication.
“The FBI and CISA encourage all entities to examine their current cybersecurity posture and implement the recommended best practices and mitigations to manage the risk posed by all cyber threats, including ransomware,” the advisory said.
The advisory also recommends organizations have an incident response plan and contingency plan ready if critical systems are taken out.
It’s crucial to note that it was Independence day weekend during which over 1000 thousand companies succumbed to a massive supply chain attack by the REvil ransomware group.
The CISA-FBI’s advisory included specific steps including:
- Isolate the infected system and disconnect it from all networks, including wireless, and place in a central location and flag them.
- Power off other computers and devices
- Secure backups so backup data is offline; scan them for malware.
ManageEngine has a webinar that explains a 5-step action plan that can help you counter ransomware attacks. You can watch the webinar recording here.