In July 2021, during the Fourth of July holiday weekend, Sodinokibi/REvil ransomware actors attacked a U.S.-based critical infrastructure entity in the IT Sector and implementations of their remote monitoring and management tool, affecting hundreds of organizations-including multiple managed service providers and their customers.and Australian meat production facilities, resulting in a complete production stoppage. In May 2021, over the Memorial Day weekend, a critical infrastructure entity in the Food and Agricultural Sector suffered a Sodinokibi/REvil ransomware attack affecting U.S.After DarkSide actors gained access to the victim’s network, they deployed ransomware to encrypt victim data and-as a secondary form of extortion-exfiltrated the data before threatening to publish it to further pressure victims into paying the ransom demand. In May 2021, leading into Mother’s Day weekend, malicious cyber actors deployed DarkSide ransomware against the IT network of a U.S.-based critical infrastructure entity in the Energy Sector, resulting in a week-long suspension of operations. In some cases, this tactic provides a head start for malicious actors conducting network exploitation and follow-on propagation of ransomware, as network defenders and IT support of victim organizations are at limited capacity for an extended time. Cyber criminals, however, may view holidays and weekends-especially holiday weekends-as attractive timeframes in which to target potential victims, including small and large businesses. The FBI and CISA do not currently have specific information regarding cyber threats coinciding with upcoming holidays and weekends. entities on or around holiday weekends over the last several months. Threat Overview Recent Holiday TargetingĬyber actors have conducted increasingly impactful attacks against U.S. The FBI and CISA encourage all entities to examine their current cybersecurity posture and implement the recommended best practices and mitigations to manage the risk posed by all cyber threats, including ransomware.Ĭlick here for a PDF copy of this report. However, the FBI and CISA are sharing the below information to provide awareness to be especially diligent in your network defense practices in the run up to holidays and weekends, based on recent actor tactics, techniques, and procedures (TTPs) and cyberattacks over holidays and weekends during the past few months. The FBI and CISA do not currently have any specific threat reporting indicating a cyberattack will occur over the upcoming Labor Day holiday. The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have observed an increase in highly impactful ransomware attacks occurring on holidays and weekends-when offices are normally closed-in the United States, as recently as the Fourth of July holiday in 2021. Immediate Actions You Can Take Now to Protect Against Ransomware
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |