In early July, hundreds of businesses around the world were adversely affected by a ransomware attack. To be more specific, the attack was timed to coincide with the July 4th holiday weekend. And that’s not the only holiday when hackers have found a moment calling out to be exploited. Hackers have also struck on Memorial Day and even Mother’s Day — but that’s not out of a desire to send a message.
Writing at WIRED, Brian Barrett has a good rundown on why hackers love holidays. Their reasoning, Barrett writes, is relatively simple: a holiday weekend means that fewer people will be keeping an eye on computer and network systems — and fewer people will notice that something’s amiss when an attack begins.
For long weekends, this means that security specialists could be out of the office for longer. And even for holiday weekends that don’t involve extra days off, you might well be spending time with friends or family — entirely understandable things to do on such an occasion.
Late last month, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) issued an alert calling for increased vigilance against ransomware attacks. The agencies noted that they were not responding to a specific threat.
“Cyber criminals, however, may view holidays and weekends — especially holiday weekends — as attractive timeframes in which to target potential victims, including small and large businesses,” the agencies wrote. “In some cases, this tactic provides a head start for malicious actors conducting network exploitation and follow-on propagation of ransomware, as network defenders and IT support of victim organizations are at limited capacity for an extended time.”
They also offer a list of best practices for preventing and responding to ransomware attacks. Hopefully this Labor Day will be a relaxing one for cybersecurity professionals, but taking some precautions is never a bad thing.
Thanks for reading InsideHook. Sign up for our daily newsletter and be in the know.