CISA Urges Critical Infrastructure to Be Alert for Holiday Threats

CISA and the FBI share steps organizations should take to better protect against security threats during holidays and weekends.

Dark Reading Staff, Dark Reading

November 22, 2021

1 Min Read
Dark Reading logo in a gray background | Dark Reading

As Americans across the country get ready for turkey and travel this Thanksgiving, the Cybersecurity and Infrastructure Security Agency and the FBI issued a warning to all organizations, but especially critical infrastructure, about security threats they might face during the holiday season.

"Recent history tells us that this could be a time when these persistent cyber actors halfway across the world are looking for ways — big and small — to disrupt the critical networks and systems belonging to organizations, businesses, and critical infrastructure," officials wrote in a statement.

While they have not identified any specific threats, officials noted this year's trends show attackers have chosen holidays and weekends, such as Independence Day and Mother's Day weekends, to launch serious ransomware campaigns. They urge organizations to examine their security posture and adopt best practices to manage their risk.

The recommendations include identifying IT security employees who would be available to work during weekends and holidays in the event a cyberattack occurs. They also advise implementing multifactor authentication for remote access and admin accounts; mandating strong passwords and ensuring they aren't reused across multiple accounts; and ensuring potentially risky services such as Remote Desktop Protocol (RDP) are secure and monitored.

Officials also advise reviewing incident response and communication plans, and updating them if necessary, to reduce potential business impact if an incident occurs.

Read the full release for more details.

About the Author

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights