[BreachExchange] FBI, CISA warns ransomware attacks surge over holiday weekends: 6 things to know this Labor Day weekend
Sophia Kingsbury
sophia.kingsbury at riskbasedsecurity.com
Thu Sep 2 09:02:24 EDT 2021
https://www.beckershospitalreview.com/cybersecurity/fbi-cisa-warns-ransomware-attacks-surge-over-holiday-weekends-6-things-to-know-this-labor-day-weekend.html
The FBI and Cybersecurity and Infrastructure Security Agency are warning
companies of the increased risk of ransomware attacks over Labor Day
weekend.
The FBI and CISA said there are surges in ransomware attacks on holidays
and weekends when offices are traditionally closed, according to an Aug. 31
CISA report. The federal agencies observed ransomware attacks consistently
on holiday weekends, such as the Fourth of July, Mother's Day weekend and
Memorial Day weekend. The FBI and CISA said there is no indication that a
ransomware attack will occur over the weekend, but wanted organizations to
be aware of the increased threat level.
Six things to know:
1. The FBI's Internet Crime Complaint Center received 791,790 complaints
about internet crime in 2020, with losses reportedly exceeding $4.1
billion. From January to July 31, 2021, the center has received 2,084
ransomware complaints with over $16.8 million in losses, a 62 percent
increase in reporting and a 20 percent increase in reported losses compared
to the same time frame in 2020.
2. Conti, PYSA, LockBit, RansomEXX/Defray777, Zeppelin and
Crysis/Dharma/Phobos are the ransomware variants most frequently reported
to the FBI.
3. Hackers are increasingly threatening to publicly name affected
victims and release their sensitive data to push affected organizations to
pay a ransom.
4. The two most common initial access points are phishing and brute
force attacks on remote desktop endpoints. Other common tactics of initial
infection include deploying malware, exploiting software, exploiting
managed service providers with access to customer networks and purchasing
stolen credentials on the dark web.
5. Hackers use the access to evaluate a victim's ability to pay a
ransom, to evaluate the victim's incentive to pay ransomware to regain
access to their data or avoid it being leaked, or to gather information for
follow-up attacks.
6. The FBI and CISA suggest organizations proactively hunt for threats
in their networks to search for signs of unauthorized activity. Threat
actors can be present for a long time before they lock down the system and
request ransom payment.
To read the full list of threat mitigations, click here.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20210902/304ab340/attachment.html>
More information about the BreachExchange
mailing list