Clicky

mobile btn
Friday, March 29th, 2024

CISA, FBI urge organizations to remain vigilant to ransomware threats over holidays

© Shutterstock

On Tuesday, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) issued a cybersecurity advisory that highlighted precautions and mitigation steps public and private sector organizations could take to reduce their risk of ransomware and other cyber attacks over holidays and weekends.

The advisory is based on observations of timings for high impact ransomware attacks previously staged, rather than a reaction to a specific threat, the agencies said.

The advisory recommended organizations engage in preemptive threat hunting on their networks to look for signs of threat actors. For organizations unfamiliar with threat hunting, the advisory provided the basic elements to threat hunting and explained the benefits of the proactive strategy. Additionally, the advisory recommended other best practices that should be adopted by all organizations, public and private, to secure their network, including things like multi-factor authentication for remote access and administrative accounts.

“Ransomware continues to be a national security threat and a critical challenge, but it is not insurmountable,” Eric Goldstein, executive assistant director for cybersecurity at CISA, said. “With our FBI partners, we continue to collaborate daily to ensure we provide timely, useful and actionable advisories that help industry and government partners of all sizes adopt defensible network strategies and strengthen their resilience. All organizations must continue to be vigilant against this ongoing threat.”

The agencies warned that in addition to the threat overview of recent holiday targeting and trends of common ransomware attacks, companies should not count on payments solving a ransomware problem. The advisory noted that paying a ransom to recover data does not guarantee the data will be recovered, and that organizations should not pay the ransom.

The advisory said anyone who comes under a ransomware attack should report it to CISA or the local FBI field office.