What you need to know
- The FBI and CISA are reminding security experts to remain vigilant during upcoming holidays such as Thanksgiving, as crime never takes a day off.
- One specific recommendation these entities offer is that organizations should ensure they have cybersecurity on-hand during holidays and weekends.
- Ransomware is highlighted as a major threat for the upcoming season, tainting upcoming festivities centered around giving and sharing with the threat of anonymous cyber extortion.
It's that time of year again. Most folks will be gathering around dinner tables with their family and friends, sharing meals and holiday mirth. And cybercriminals will be in their dark, dingy basements of villainy doing what they do best: Causing trouble. That's why the Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) have teamed up to jointly warn anyone and everyone who'll listen to stay vigilant during the holidays.
The tips CISA and the FBI give are straightforward: Have a security team ready to go in the event holiday threat actors strike, remind your organization's members to not click sketchy links, and emphasize the importance of strong passwords and multi-factor authentication.
The pair also have guidance on holiday-themed cybercrime techniques to watch out for, which include:
- Phishing scams, such as unsolicited emails posing as charitable organizations.
- Fraudulent sites spoofing reputable businesses—it is possible malicious actors will target sites often visited by users doing their holiday shopping online.
- Unencrypted financial transactions.
Ransomware is singled out as a threat to be wary of as well. CISA and the FBI aren't the only groups calling that one out; Sophos recently released a report analyzing the emerging ransomware black hole and the danger it poses to everyone who uses the web.
