I’m posting this earlier than usual, so you can prepare before the Labor Day weekend here in the US. But this applies to really any national holiday that creates a long weekend or other popular vacation period.
Crime Takes Time
Ransomware is malware that encrypts all your files, then asks you to pay money to get them back. You still have all your data – you just can’t read it. Encrypting all your files is a time-consuming process (the more data, the more time). The process of probing and penetrating computer systems can take time, as well. Finally, many ransomware gangs are not just locking your data up locally – they’re stealing it, too. Why? Well, if you happen to have good backups (one of the best defenses against ransomware), they can then threaten to sell or leak your data if you don’t pay.
There are other reasons to go slowly when hacking computer systems. Sometimes moving hastily can trigger defenses or alarms. Generally speaking, criminals prefer to do bad stuff when no one else is watching. People get in the way. People notice odd behavior. People just get lucky and stumble upon stuff. Better to work when no one is around.
While the Cat’s Away
For these reasons, long holiday weekends are prime opportunities to infiltrate computer networks. And smaller businesses and organizations without 24/7 IT support staff are prime targets. It’s highly likely that people will not be in the office to notice files getting encrypted or computers acting funny. Furthermore, people are just more “checked out” around holidays. Not only are they less likely to work during off hours, but they’re also just not as focused on boring things like computer security. The evidence backs this up. Look at the massive Kaseya hack over the Fourth of July weekend and the JBS attack over Memorial Day weekend.
Cybersecurity experts have noticed this trend and are now warning companies to be extra vigilant before and during long holiday weekends. The US Cybersecurity and Infrastructure Security Agency (CISA) just issued a stark advisory prior to Labor Day weekend, urging organizations to take extra precautions ahead of the holiday. If you are part of a small-to-medium organization or business, you should read over this article ASAP. CISA has several other helpful tools and resources you should look at, too.
Lessons for Everyone
Much of the advice in this advisory, and even the free tools offered, has value for individuals, too. Here are some of the top tips from CISA, most of which are best practices for everyone:
- Make an offline backup of your data
- Do not click on suspicious links
- Update your OS and software; scan for vulnerabilities
- Use strong passwords
- Use multi-factor authentication
- Secure your user accounts
- Have an incident response plan
- Secure your network(s): implement segmentation, filter traffic, and scan ports
- If you use RDP—or other potentially risky services—secure and monitor them
See the report for further details and help on each of those tips.