Labor Day Weekend Ransomware Warnings: U.S. warns firms to be on guard against hostile network activity
In a press briefing at the White House yesterday, White House deputy national security adviser Anne Neuberger reinforced the warning the FBI and CISA released a few days ago:
“Cyber actors have conducted increasingly impactful attacks against U.S. entities on or around holiday weekends over the last several months. The FBI and CISA do not currently have specific information regarding cyber threats coinciding with upcoming holidays and weekends. Cyber criminals, however, may view holidays and weekends—especially holiday weekends—as attractive timeframes in which to target potential victims, including small and large businesses. In some cases, this tactic provides a head start for malicious actors conducting network exploitation and follow-on propagation of ransomware, as network defenders and IT support of victim organizations are at limited capacity for an extended time.”
Neuberger added: “We want to raise awareness and this need for awareness is particularly for critical infrastructure owners and operators who operate critical services for Americans.”
While Neurberg acknowledged that the threats over the weekend were not specific, “we do have this history.” The largest incidents in 2021 – Colonial Pipeline, JBS and Kaseya – all happened over holidays and weekends.
The FBI also released a Ransomware threat alert specifically for the Food and Agriculture Companies, pointing out the role their critical infrastructure and supply chain operations play in the health and safety of the public and economy.
In other OODALoop news, we have updated the Cybersecurity Sensemaking | OODA Loop section with the creation of the USG Cybersecurity Initiatives and Updates | OODA Loop page.
Direct links related to Labor Day weekend ransomware threat warning from the USG:
- Press Briefing by Press Secretary Jen Psaki and Deputy National Security Advisor for Cyber and Emerging Technologies Anne Neuberger, September 2, 2021 | The White House
- CISA and FBI Urge Organizations to Remain Vigilant to Ransomware Threats on Holidays, Including this Labor Day | CISA
- Ransomware Awareness for Holidays and Weekends | CISA
- OODA Loop – FBI Warns Food and Agriculture Firms of Ransomware Threat
- Stop Ransomware | CISA
- CISA Urges Patching Atlassian Software Before Holiday Weekend
- Confluence Security Advisory – 2021-08-25 | Confluence Data Center and Server 7.13 | Atlassian Documentation
- OODA Loop – Atlassian Patches Critical Vulnerability in Jira Data Center Products
- OODA Loop – One-click account takeover vulnerabilities in Atlassian domains patched
Further USG Ransomware Resources:
- The Cybersecurity and Infrastructure Security Agency (CISA) and Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint Ransomware Guide
- Bad Practices | CISA
- National Checklist Program | NIST
- Domain security best practices | .gov (dotgov.gov)
- Performance.gov/data (Beta) | Performance.gov
- Technical Approaches to Uncovering and Remediating Malicious Activity | CISA
- Cyber Hygiene Services | CISA
- CISA, Federal Bureau of Investigation (FBI), and Department of Health and Human Services (HHS) Joint Cybersecurity Advisory on Ransomware Activity Targeting the Healthcare and Public Health Sector
- CISA, FBI, DHS Homeland Security Investigations, and U.S. Secret Service recorded video discussion on Trends and Predictions in Ransomware from the 2020 CISA National Cybersecurity Summit.
- CISA Fact Sheet on Cyber Threats to K-12 Remote Learning Education for non-technical educational professionals with contributions from the FBI.