Nov 22, 2021 - Politics & Policy

CISA and FBI issue holiday season ransomware warning

A member of the Red Hacker Alliance using a website that monitors global cyberattacks on his computer  in Dongguan, China's southern Guangdong province, in August 2020..

Photo: Nicolas Asfouri/AFP via Getty Images

The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) are urging public and private sector organizations to remain vigilant and bolster protections against ransomware and other cyberattacks during the holidays.

Why it matters: Malicious cyber actors often take advantage of holidays and weekends to disrupt critical networks, the agencies said. Ahead of Thanksgiving, the federal government is warning organizations to be proactive about reducing vulnerability to cyberattacks.

Details: The cybersecurity reminder issued Monday outlines best practices, which include:

  • Ensuring IT security workers are available during weekends and holidays.
  • Implementing multi-factor authentication for administrative and other accounts.
  • Updating incident response and communication plans in case of an attack.

What they're saying: "While we are not currently aware of a specific threat, we know that threat actors don't take holidays," CISA Director Jen Easterly said in a statement.

  • "We will continue to provide timely and actionable information to help our industry and government partners stay secure and resilient during the holiday season," Easterly said.
  • "Cyber criminals have historically viewed holidays as attractive times to strike," added FBI cyber assistant director Bryan Vorndran. "We urge network defenders to prepare and remain alert over the upcoming holiday weekend."
  • Organizations should report any cyber incidents to CISA or the FBI, they added.

Why it matters: Multiple cyberattacks targeted critical U.S. infrastructure this year, ranging from a major meat supplier to the federal government.

Go deeper