Ransomware attackers seem determined to separate you from fun long-weekend scenes like this one. (Ethan Robertson/Unsplash)
Holiday weekends, like the current Labor Day weekend, are great ways for many of us to get a mental health break away from the normal ebb and flow of the work week.
But the problem is that they’ve also become really attractive for gangs of cybercriminals looking to get an edge on unsuspecting companies.
And for that reason, the Cybersecurity & Infrastructure Security Agency (CISA), an arm of the U.S. Department of Homeland Security, put out a warning last week informing companies that three day weekends were likely to create the perfect opening for ransomware attacks, and making it so that at least someone on the IT team might need to be looking at the infrastructure when most of their coworkers are usually out.
As CISA notes in their comment, it’s not exactly a huge surprise that they have to put a note out like this, as at least three significant attacks have taken place in and around major holidays this year alone. From their warning:
Cyber actors have conducted increasingly impactful attacks against U.S. entities on or around holiday weekends over the last several months. The FBI and CISA do not currently have specific information regarding cyber threats coinciding with upcoming holidays and weekends. Cyber criminals, however, may view holidays and weekends—especially holiday weekends—as attractive timeframes in which to target potential victims, including small and large businesses. In some cases, this tactic provides a head start for malicious actors conducting network exploitation and follow-on propagation of ransomware, as network defenders and IT support of victim organizations are at limited capacity for an extended time.
So here we are in the middle of a rough time, during a damn pandemic, when people just want to get some time away to do things with their kids or to improve their mental health, and ransomware attackers are basically like, naaaah.
(Christiaan Colen/Unsplash)
Now, to be fair, if movies have taught us anything, it’s that if you’re about to take part in an act of corporate espionage or resource theft, it’s best to do it on the weekends, when the rest of the company is out of office. (Or, at least in the case of Die Hard, when the company is in the middle of a Christmas party and totally distracted.) In other words, this would be the case outside of computers as well. But still, one has to worry if this is going to threaten the way that we take days off going forward.
But the nature of ransomware is such that it doesn’t care about your good intentions. This is a space where, if you way a ransomware attack, you’re more likely to experience another one.
So I guess the question is, what do we do? Do we stop taking holidays? Do we shut down company mail servers on long weekends, so phishing attacks can’t get through? Ask ransomware creators for respect? Or do we put in a lot more planning to prevent the attacks from happening in the first place?
Most companies, for obvious reasons, are having to choose the latter. And it clearly creates frustration when people who could be taking a break suddenly find themselves having to work twice as hard during a time they should be relaxing.
So, if you know an IT person in your life, give them a show of support. They’re probably going into work this weekend so you don’t have to.
Time limit given ⏲: 30 minutes
Time left on clock ⏲: 10 minutes, 9 seconds
