Feds Warn of Ransomware Attacks Over Labor Day Weekend
Posted September 03, 2021
Written by John Shea III, Xpanxion Technical Writer
When’s the best time to plan a robbery?
When no one’s looking. When is no one looking? Usually when the bank or company is closed. When are they closed? Usually on a weekend, especially a long holiday weekend. What’s coming up? Labor Day. Three days to get in and get out without anyone noticing. So set up your defense on Friday, right?
By Friday it might be too late. The robbers/hackers probably have a foothold through a hole in security and were lurking around searching every data nook and cranny, waiting for just the right moment to siphon off funds or plant the ransomware. Tuesday morning when you come back to work, you find you were compromised.
It happened in May just before Mother’s Day weekend to Colonial Pipeline, disrupting a major supply chain for gasoline. Over Memorial Day weekend, JBS USA, a major meat producer, was extorted for $11 million, threatening meat supplies. And then over the Fourth of July weekend, IT software management company Kaseya impacting up to 1,500 companies.
Ragnorak, DarkSide, REvil are just some of the key hackers. The North Korean Lazarus Group stole $81 million from the Bangladesh Bank taking advantage of the Lunar New Year holiday being on a Friday and Saturday, a holiday through much of Asia. However, it’s not just Hallmark Holidays when they strike. Any weekend is prime time for skullduggery.
The FBI and CISA (Cybersecurity and Infrastructure Security Agency) have jointly issued a warning for companies to be on the watch. The agencies say that while there is no intelligence about specific threats, holiday weekends seem to be when cybercriminals find opportunities to attack. The less people around, the longer it takes someone to notice the theft taking place which means the less chance to stop the attack.
Even more hackers are lined up and ready to attack. The FBI and CISA cited attacks over the last month from ransomware gangs called Conti, PYSA, LockBit, RansomEXX/Defray777, Zeppelin, and Crysis/Dharma/Phobos. A new one called LockFile, to evade detection, uses an “intermittent” encryption tactic.
Your company can buy ransomware insurance but that might set you up for an attack because some hackers might think then you’ll pay.
The Department of Homeland Security says they are making ransomware threats a higher priority. President Biden has demanded chief executives of some of the largest companies in the U.S. – including Amazon, IBM, Microsoft and Google – do more to guard against cyberthreats. In the meantime, what can you do to make your company safe from attack, if it’s not too late?
Email phishing is one way the attackers get in, so be wary of emails with addresses that don’t match where they are supposed to come from. Here are 10 ways to avoid a phishing attack:
- Slow down and carefully read the message. Think before you click.
- Mouse over links to what really lies beneath the URL.
- Beware of poor spelling, grammar, lots of capital letters and too much punctuation.
- Look out for generic greetings. Legitimate entities will address you by your full name or user name.
- Verify email addresses or company logos.
- Remain skeptical.
- Don’t let emotions get the better of you. Phishing pushes a sense of urgency.
- Government entities will not email asking you for payment.
- Phishing usually comes with malware attached. Use extreme caution whenever you receive a random attachment.
- Never make assumptions. Any request for sensitive information or money should immediately raise suspicions.
With these in mind and in use all the time, your computer system can be safer. When you return from that long holiday weekend, all charged and refreshed, you won’t be surprised by a ransomware attack that happened while you were gone.
We can help keep you safe. To learn more about our cyber security practices visit here.
About Xpanxion - Solving business problems with technology. We are software product engineering experts with over 20+ years of experience delivering the technologies, software architectures, processes and people critical to delivering success. As a trusted partner, we focus on business solutions and alliances that provide end-to-end value to solving our customer’s problems. We focus on providing best-in-class solutions by developing custom solutions with modern technologies or by delivering industry recognized off the shelf solutions.
Expertise Solutions and Alliances Platforms and Technologies Industries
Media Contact: email@example.com