All I Want for Christmas Is Ransomware

It has become an annual occurrence. Every year, from before Thanksgiving through the Christmas period, organizations are warned multiple times to anticipate cyberattacks that affect organizations of all sizes. The Albany County Airport Authority, Sodinokibi ransomware attack in December 2020, and Magecart attack during Black Friday this year are examples of how holiday seasons have become a targeted period for threats, as well as full-scale ransomware attacks.

What Should Organizations Be Aware of?

The FBI and CISA have recognized similar trends before the Memorial Day and July 4th holidays, with the end-of-year holiday season joining that list. The Christmas holidays, and the holiday weekend in particular, are seen by attackers as the most ‘ideal attack window’ in which to exploit networks and systems. Almost all forms of ransomware can cripple IT infrastructure and completely stop a business from running, but there are some specific ransomware examples that should be watched for during the holiday season. These include LockBit, Zeppelin, Crysis/Dharma/Phobos, PYSA, Conti, and RansomEXX. Note, however, that this is not an exhaustive list but rather a group of commonly reported ransomware over the past few months in the run-up to December.

Both the FBI and CISA have highlighted two primary areas of best practice that organizations should plan for preemptively in the run-up to the holiday weekend: establishing foundational cyber hygiene best practice and proactive monitoring.


FOUNDATIONAL STEPS
– Backing up data regularly
– Assess 3rd party vendor security posture for any suspect activity
– Auditing of admin accounts and configuring access control to least privilege
– Ensure alerting mechanisms are automated
– Deployment of endpoint detection and response, SIEM solutions, and other intrusion detection methods
– Development of a readiness and response plan in case of a ransomware attack

THREAT MONITORING
– Regularly assess data logs for anomalies
– Apply a behavior-based monitoring approach for endpoint, network, and user activity
– Monitoring abnormal inbound/outbound network traffic
– Irregular login activity/privilege escalation attempts
– Development of a threat hunting plan based on various approaches (e.g. structured/unstructured, intel-based hunting, etc.)
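
The "irregular login activity" and admin-account auditing items above, applied to the holiday window, can be automated with a simple behavior-based check. The following is an added example, not code from the original post or from the FBI/CISA alert; the log format, the `adm-` account naming convention, the holiday dates and the business hours are all assumptions, and the log lines are constructed sample data.

```python
import csv
import io
from datetime import date, datetime

# Constructed sample authentication log: timestamp, user, source IP, result.
SAMPLE_LOG = """\
2021-12-15T09:12:00,svc-backup,10.0.4.20,success
2021-12-16T10:03:00,adm-jlee,10.0.1.15,success
2021-12-17T14:40:00,adm-jlee,10.0.1.15,success
2021-12-24T23:51:00,adm-jlee,203.0.113.77,failure
2021-12-24T23:52:00,adm-jlee,203.0.113.77,success
2021-12-25T02:10:00,svc-backup,10.0.4.20,success
2021-12-25T03:30:00,adm-mroy,10.0.1.22,success
2021-12-26T11:00:00,adm-jlee,10.0.1.15,success
2021-12-27T09:05:00,adm-jlee,10.0.1.15,success
"""

ADMIN_PREFIX = "adm-"               # assumed naming convention for admin accounts
HOLIDAYS = {date(2021, 12, 24), date(2021, 12, 25), date(2021, 12, 26)}  # assumed
BUSINESS_HOURS = range(8, 18)       # assumed staffed hours, 08:00-17:59 local time


def in_quiet_window(ts):
    """True on holidays, weekends, and outside business hours."""
    return ts.date() in HOLIDAYS or ts.weekday() >= 5 or ts.hour not in BUSINESS_HOURS


def find_irregular_logins(log_text):
    """Flag successful admin logins in a quiet window, noting unseen source IPs."""
    known = {}   # user -> source IPs seen on successful logins during staffed hours
    alerts = []
    rows = sorted(csv.reader(io.StringIO(log_text)))  # ISO timestamps sort by time
    for stamp, user, src, result in rows:
        ts = datetime.fromisoformat(stamp)
        if result != "success":
            continue
        if not in_quiet_window(ts):
            known.setdefault(user, set()).add(src)    # baseline from normal activity
            continue
        if user.startswith(ADMIN_PREFIX):
            new_src = src not in known.get(user, set())
            alerts.append((stamp, user, src, "new-source" if new_src else "known-source"))
    return alerts


if __name__ == "__main__":
    for alert in find_irregular_logins(SAMPLE_LOG):
        print(alert)
```

Alerts tagged `new-source` are the ones to triage first; `known-source` entries are still worth a review because the account was used while the organization was unstaffed.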

Moving Forward

The mid-market and large enterprise landscape must understand that preemptive security steps are not limited to the above commentary. Rather, an all-encompassing security posture plan that involves preventative and detection procedures and dynamic threat hunting activity is the best way to help tackle potential ransomware threats. For more detailed FBI and CISA recommendations, access Alert (AA21-243A).

The post All I Want for Christmas Is Ransomware appeared first on Comodo News and Internet Security Information.

Source: https://blog.comodo.com/cybersecurity/holiday-ransomware-prevention/
