Turkey, pumpkin pie, ransomware safeguards – Check!

The Holidays and weekends are a time for disconnecting, which can also create distractions. Cybercriminals are poised to capitalize on this, especially during the Holiday Season.

On August 31, 2021, the Joint Cybersecurity Advisory was issued by the Federal Bureau of Investigation (FBI) and Cybersecurity & Infrastructure Security Agency (CISA) highlighting their observation that “an highly impactful ransomware attacks occurring on holidays and weekends – when offices are normally closed.” The FBI and CISA reminded readers to remain vigilant in network defense practices and implement the recommended “best practices and mitigations” to mitigate the risk of cyberthreats, which includes ransomware.

Fast forward to a recent November 2022 report from Cybereason, which reinforces that weekend and Holiday ransomware attacks remain an issue and result in greater revenue losses and increased recovery time. In 2021, Cybereason conducted a global survey, which led to alarming results. Specifically, “most companies were unprepared for a ransomware attack during ‘non-business’ hours, largely because they didn’t have contingency plans in place to address them and because they cut staffing levels during these times.” A year later, the findings remained the same – many persons were not prepared to handle a ransomware attack on weekends or holidays.

Thirty-four percent of 1,200 surveyed cybersecurity professionals whose organizations had been hit by ransomware on a holiday or weekend said it took them longer than usual to assemble an incident response team.” Meanwhile, 34% of health care “respondents said that it took their organizations longer to assess the attack scope, and 35 percent of” health care “respondents reported lengthier recovery times.

One startling question that was posed – “[h]ave you ever missed celebrating a holiday or participating in a weekend event because of a ransomware attack?” 88 percent “Yes”. So what are some suggestions to mitigate cybercriminals ruining your holiday or weekend? The following items are prudent solutions:

• Explore different staffing models for SOC analysts and incident responders;
• Identify optimal staffing for holidays and weekends;
• Augment staff with technical safeguards;
• Lock down privileged accounts during weekends and holidays;
• Implement clear isolation practices; and
• Replace traditional antivirus products with behavior-based tools, which are capable of identifying attacks at their earliest stages.

In sum, don’t neglect cybersecurity hygiene while attempting to prevent your turkey or pumpkin pie from burning. Being proactive now can lead to reduced risk and a more enjoyable Holiday Season with peace of mind.

Rachel V. Rose, JD, MBA, advises clients on compliance, transactions, government administrative actions, and litigation involving healthcare, cybersecurity, corporate and securities law, as well as False Claims Act and Dodd-Frank whistleblower cases. She also teaches bioethics at Baylor College of Medicine in Houston. Rachel can be reached through her website, www.rvrose.com.