Labor Day Weekend Guidance in Anticipation of Increased Cyberattacks Over Holidays
On Aug. 31, the Federal Bureau of Investigation (FBI) and the Cybersecurity Infrastructure Security Agency (CISA) issued a Joint Cybersecurity Advisory urging organizations to ensure they protect themselves against ransomware attacks during holidays and weekends – when offices are normally closed.
The Joint Cybersecurity Advisory explains that while there are no specific threat reports indicating a cyberattack will occur over the coming Labor Day weekend, there has been a rise in cyberattacks during holidays. CISA and the FBI explain that entities should be especially diligent in network defense practices based on recent threat actor tactics, techniques, and procedures (TTPs). The Joint Cybersecurity Advisory advises organizations to engage in preemptive threat hunting on their networks. For indicators of suspicious activity that threat hunters should look for and recent examples of holiday cyberattacks, view the Joint Cybersecurity Advisory.
In conjunction with the Joint Cybersecurity Advisory, CISA issued an Alert recommending that organizations identify IT security employees to be available and “on call” during holidays in the event of a ransomware attack. Additional actions that organizations can take that may reduce their risks and impacts of compromise include the following:
- Make an offline backup of your data.
- Do not click on suspicious links.
- If using Remote Desktop Protocol (RDP), or other potentially risky services, disable if possible and secure and monitor if necessary.
- Update your operating system and software; scan for vulnerabilities.
- Use strong passwords, consider changing them now.
- Implement and use multi-factor authentication wherever possible.
- Secure your network(s): implement segmentation, filter traffic, and scan ports.
- Secure your user accounts.
- Have a hard copy of your incident response plan, and review and update where needed.
For more resources see the Alert (AA21-243A) issued by CISA in conjunction with the Joint Cybersecurity Advisory discussed above.
As your cyber partner, the Clark Hill Cybersecurity, Data Protection, and Privacy Team is available to answer any questions and provide practical guidance regarding your organization’s cybersecurity challenges and to respond in the event of a cyberattack.
The views and opinions expressed in the article represent the view of the author and not necessarily the official view of Clark Hill PLC. Nothing in this article constitutes professional legal advice nor is intended to be a substitute for professional legal advice.
Legal, Tax and Infrastructure Requirements for Fleet EV Charging
Organizations that currently own or intend to acquire electric vehicles can gain insights into tax, legal, and infrastructure requirements by understanding best practices and common mistakes. The panel will also discuss new EV laws and charging technology.
For companies considering a full or partial transition to EV fleets, the webinar will discuss how to maximize tax rebates, determine optimal legal contracts, and identify funding opportunities. The presentation will also cover infrastructure considerations with regard to electrical and cyber requirements.
Recreational Windfall: How to Prepare for Outside Players in Montana’s Cannabis Industry
Join national cannabis service providers Clark Hill, MGO, and eXp Commercial for a deep dive into the challenges and opportunities facing operators in Montana’s new adult-use cannabis industry.