Ransomware Attacks Increase During The Holidays

Key Article Insights:

• The FBI and Cybersecurity and Infrastructure Security Agency warn business owners of holiday threats.
• Malicious actors not only steal your data but will also demand payment or sell or leak your files.
• Holidays are supposed to be times when we gather together to celebrate, not fear our businesses will come under attack.
• Always back it up, and whatever you do, never click that link inside your email or risk exposure
• The perfect relationship with your computer is always back it up, but if you’re serious, put a VPN on it and show your commitment.
• If you want to turn up the heat on your computer’s security, follow the password guidelines, and turn on multi-factor authentication.

Whenever the holidays or weekends approach, those are the precise times ransomware surges flood the inboxes of unsuspecting companies and organizations. The FBI and Cybersecurity and Infrastructure Security Agency warn and encourage business owners to take necessary precautions before closing during the holidays or long weekends.

Two examples of those spikes. On May 7, 2021, was the Colonial Pipeline ransomware attack. Then May 30, 2021, it was the JBS S.A. cyberattack on a meat processing company. Due to these malicious and criminal activities, these agencies developed proactive methods you can use to help prevent your network from coming under attack.

What Is Ransomware?

According to the Cybersecurity and Infrastructure Security Agency, ransomware is a form of malware that is ever-shifting and changeable. It can encrypt files on your device, blocking anyone from accessing the files and computer systems.

Those individuals that do this are called “Malicious Actors” that demand payment as a ransom. They always promise once they receive your payment, they will hand over a means to decrypt the files and systems. Refusing to pay, the threat of selling or leaking the files will take place.

Why Are Holidays The Prime Targets?

With continued observation, the FBI and CISA agencies have seen ransomware attacks rise during holidays and long weekends. That’s when companies and offices are traditionally closed. Three-day holidays include Memorial Day, Labor Day, Columbus Day, Martin Luther King Jr. Day, and Presidents Day.

Even when these agencies have no intel or information about a potential ransomware attack, they still provide information so you can remain diligent when protecting your systems. Practicing your network defense procedures, always be alert as the holidays and weekends approach.

Make Sure You Have Offline Backups

Ideally, an offline system automatically backing up your data is the best option. However, if your backup method includes using a USB drive plugged into the back of your server, remove the device, take it with you, and properly secure it.

That’s called “Air Gapping” and is the best way to prevent that device from establishing an external connection. Should your network or computer system become infected, your USB drive has no exposure to the ransomware attack.

Never Click On Links Inside Emails

Most email users don’t realize that an innocent-looking message could be a highly engineered phishing email. Those fraudulent messages trick the recipient into handing over sensitive information to someone they believe they know.

A quick way to expose your network to a ransomware attack is by clicking on a link inside an email. Even if you know the individual, it is always prudent to manually go to the website and type in the URL address.

Be Cautious With Remote Desktop Protocols

With Remote Desktop Protocol (RDP), your team can easily use a desktop computer remotely. Should you have employees still working from home, you never want them to open up the ports on their firewalls.

The main issue with RDP is its vulnerabilities. It’s been discovered that this technical standard has too many holes and risks that can expose and jeopardize a network. If RDP needs initiating, set it up to work over a virtual private network (VPN).

Continually Update Your Computer’s Operating System

Any unknown exploits could enter and infect your system. Once inside, you may not know what or how the attack happened. Should you forget to update your operating system, your computer will not have the latest updates installed to detect and prevent them.

However, you have a great feature at your fingertips to help prevent intrusion. Go into your computer and search for updates. Once you locate it, you want to set up your computer’s system updates to run automatically.

It All Begins With A Strong Password

We cannot emphasize having a strong password enough. A big mistake we see is users have short easy passwords that get bypassed quickly. The other security issue is sharing the same password with co-workers or using it for securing any access point.

The best length and password design combine numbers, characters, and upper and lower case letters. So instead of your password that looks like this, ABC1234, it would look something like this, A4#@62sF!!3ty.

Multi-Factor Authentication Turns Up The Heat

More and more online companies, from shopping platforms to Microsoft 365, cable companies, to email providers, have implemented multi-factor authentication for your protection. MFA is your electronic authentication tool granting access to an app or website.

That process only works when two or more pieces of verifiable proof can authenticate you are the authorized user. Should the MFA not recognize your login location, the system will send you a text for further verification.

CCS Helps Businesses Avoid Holiday Ransomware Attacks

The Colorado Computer Support team is always looking for threats, ransomware attacks, and methods that can exploit your systems. Contact us today or call (719) 439-0599 to speak to our friendly staff when you want that top-level protection.