Two of the nation’s leading intelligence agencies are warning of a possible rise in malicious cyber attacks over Thanksgiving, citing previous spikes around a number of holiday weekends so far this year.
In a joint statement released Monday, the Federal Bureau of Investigation (FBI) and the Cybersecurity & Infrastructure Security Agency (CISA) said they have reason to believe malicious actors might attempt to “disrupt the critical networks and systems belonging to organizations, businesses, and critical infrastructure” over the holiday week and weekend.
While neither agency has identified any specific threat, cyber attacks have increased in severity and frequency around holidays this year, specifically Independence Day, Memorial Day and Mother’s Day weekends.
The FBI and CISA offered a number of best practices that employers and larger organizations can take to protect critical digital infrastructure ahead of any possible attack.
Employers should first identify a number of individuals in IT who can be available to “surge” services over holidays and weekends. Intelligence officials found that networks targeted during times of low staffing offered a “head start for malicious actors,” as “network defenders and IT support of victim organizations are at limited capacity for an extended time.”
Employers are also encouraged to conduct phishing exercises to remind employees not to click on suspicious links, as well as implement two-factor authentication and consistent monitoring of any remote networks.
The United States has seen an increasing amount of ransom and other cyber attacks in recent months.
Between January - July 31, the FBI’s Internet Crime Complaint Center received 2,084 complaints of cyber attacks, totaling over $16.8 million in losses. Those figures represent a 62% rise in reports and a 20% increase in monetary losses compared to the same months in 2020.
Phishing scams are among the most common tactics malicious actors use to gain access to private networks, but are also used to target individuals to get personal information which can later be used for purchases
The most common form of individual scams, which also increase around the holiday season, are non-delivery and non-payment crimes. The former involves a customer making a purchase and never receiving the item; the latter occurs when an individual ships an item but never receives payment.
“The FBI is dedicated to combating cyber-crimes targeting the American public and our private sector partners. Cyber criminals have historically viewed holidays as attractive times to strike,” FBI Cyber assistant director Bryan Vorndran wrote in a statement. “We will continue to provide cyber threat information and share best safeguard practices.”