I’m posting this earlier than usual, so you can prepare before the Labor Day weekend here in the US. But this really applies to any national holiday that creates a long weekend, or to any other popular vacation period.
Crime Takes Time
Ransomware is malware that encrypts all your files, then asks you to pay money to get them back. You still have all your data – you just can’t read it. Encrypting all your files is a time-consuming process (the more data, the more time). The process of probing and penetrating computer systems can take time, as well. Finally, many ransomware gangs are not just locking your data up locally – they’re stealing it, too. Why? Well, if you happen to have good backups (one of the best defenses against ransomware), they can then threaten to sell or leak your data if you don’t pay.
There are other reasons to go slowly when hacking computer systems. Sometimes moving hastily can trigger defenses or alarms. Generally speaking, criminals prefer to do bad stuff when no one else is watching. People get in the way. People notice odd behavior. People just get lucky and stumble upon stuff. Better to work when no one is around.
While the Cat’s Away
For these reasons, long holiday weekends are prime opportunities to infiltrate computer networks. And smaller businesses and organizations without 24/7 IT support staff are prime targets. It’s highly likely that people will not be in the office to notice files getting encrypted or computers acting funny. Furthermore, people are just more “checked out” around holidays. Not only are they less likely to work during off hours, but they’re also just not as focused on boring things like computer security. The evidence backs this up. Look at the massive Kaseya hack over the Fourth of July weekend and the JBS attack over Memorial Day weekend.
Cybersecurity experts have noticed this trend and are now warning companies to be extra vigilant before and during long holiday weekends. The US Cybersecurity and Infrastructure Security Agency (CISA) just issued a stark advisory prior to Labor Day weekend, urging organizations to take extra precautions ahead of the holiday. If you are part of a small-to-medium organization or business, you should read over this article ASAP. CISA has several other helpful tools and resources you should look at, too.
Lessons for Everyone
Much of the advice in this advisory, and even the free tools offered, has value for individuals, too. Here are some of the top tips from CISA, most of which are best practices for everyone:
Make an offline backup of your data
Do not click on suspicious links
Update your OS and software; scan for vulnerabilities
Use strong passwords
Use multi-factor authentication
Secure your user accounts
Have an incident response plan
Secure your network(s): implement segmentation, filter traffic, and scan ports
If you use RDP (or other potentially risky services), secure and monitor them