Holidays Offer Easier Targets, More Opportunities for Hackers
Note: We may earn a commission from products or services when you click on a link and make a purchase.
The Federal Bureau of Investigations (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) say that ransomware attacks generally increase on holiday weekends. This is Labor Day weekend. While you’re enjoying a long weekend, hackers are taking advantage of businesses that have let their guard down.
Hackers know that companies operate with reduced staff during holiday periods. Furthermore, some or all of the IT staff may be working remotely or relying on automated monitoring systems to notify them of suspicious behavior. People who are working are likely to be the rookie staff with low seniority or skill.
But enterprise organizations are not the only targets. Individuals tend to think they don’t have enough money to be of interest to hackers, but that’s not true at all.
So far this year the FBI’s Internet Crime Complaint Center (IC3) has received 2,084 ransomware complaints from the American public totaling almost $17 million in losses. This is a 62% increase in incidents accompanied by a 20 percent increase in financial losses compared to last year.
“Cyber actors have conducted increasingly impactful attacks against U.S. entities on or around holiday weekends over the last several months,” says the bulletin from CISA.
In the last 30 days ransomwares Conti, PYSA, LockBit, RansomEXX/Defray777, Zeppelin, and Crysis/Dharma/Phobos have appeared as the most frequently encountered ransomwares in circulation.
Labor Day is not the only holiday exploited by hackers. Mother’s Day, Memorial Day, and Independence Day are all favorite times to launch cyberattacks and email phishing campaigns.
On Mother’s Day this year. DarkSide ransomware was used in an attack on the energy sector.
Memorial Day weekend was marred by a Sodinokibi/REvil ransomware attack on the Food and Agricultural Sector industry. The same ransomware was deployed on the 4th of July holiday to attack IT critical infrastructure managed services providers.
IC3 saw a 69% increase in total cyberattack complaints from the public from 2019 to 2020. There were a reported 791,790 cyber security incidents with over $4 billion in losses. In 2020, there was a 20 percent increase in the number of reported crimes. even more disturbing ransom demands had increased 225 percent.
“Although cyber criminals use a variety of techniques to infect victims with ransomware, the two most prevalent initial access vectors are phishing and brute-forcing unsecured remote desktop protocol (RDP) endpoints,” says the CISA bulletin.
Other attack vectors include the use of stolen login credentials. Databases of usernames, email addresses, and passwords are bought and sold on the dark web. This sensitive information is data heisted during previous cyberattacks.
If your bank, credit card, or service provider notifies you that you have been impacted by a data breach you should change your password right away. Just because he didn’t notice any suspicious activity immediately or notice unauthorized charges, it doesn’t mean your username and password are safe. Your stolen login credentials may be sold one or more times on the dark web and used in a future cyberattack.
Just last week over 50 million T-Mobile customers had their login information stolen in a massive cyberattack.
Never reuse a username and password combination across multiple online accounts. Create a unique password for every single account you have. Since the average Internet user has almost 200 online accounts – including banks, credit cards, lines of credit, mortgages, and loyalty programs – it’s hard to remember the unique password for each one of them. Try using a password manager to help you create and store hard-to-guess passwords.
The FBI and CISA strongly discourage paying a ransom to hackers. Paying a ransom never guarantees that the attackers will release control there I taste system or data. the payment may also give hackers an idea of how much you are willing or able to pay which one centralized them to attempt future attacks.
Report ransomware incidents to CISA, a local FBI field office, or by filing a report with IC3 at IC3.gov.