Colin Thierry
Published on: November 24, 2021

US government officials are advising American businesses and government organizations to stay vigilant against ransomware attacks and other cyber attacks that take advantage of worker downtime during Thanksgiving, following multiple cyberattacks during the holidays in years past.

The FBI and US Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory on Nov. 22 for organizations to identify essential IT security employees who can be on call when ransomware attacks arise.

“While we are not currently aware of a specific threat, (but) we know that threat actors don’t take holidays,” CISA Director Jen Easterly said in a statement. “We urge all organizations to remain vigilant and report any cyber incidents to CISA or FBI.”

Hackers usually strike on the weekend or during holidays, when organizations are short-staffed and potentially off-guard. In one incident over the Fourth of July weekend, a hacker breached Kaseya, a major US IT supplier, which impacted up to 1,500 businesses around the world.

The federal agencies also warned companies to monitor for phishing scams and fraudulent websites spoofing legitimate businesses.

There have been many different types of attacks on US businesses during the week of Thanksgiving. In 2014, Sony Pictures Entertainment discovered that hackers had stolen a ton of data from the film studio and destroyed some company computers in the process. US government officials later blamed North Korean hackers for the cyberattack.

The FBI and CISA have emphasized how preparing for disruptive hacks has become an everyday task for US companies and agencies after a series of high-profile ransomware attacks on crucial American infrastructure in 2021.

“Recent 2021 trends show malicious cyber actors launching serious and impactful ransomware attacks during holidays and weekends, including Independence Day and Mother’s Day weekend,” CISA and the FBI said.

However, a study by security firm Cybereason of more than 1,200 security professionals working at organizations that have experienced ransomware attacks found that nearly a quarter of those surveyed still do not have specific contingency plans for dealing with ransomware attacks during the holidays.

CISA’s counterpart in the UK, the National Cyber Security Centre, issued its own warning on Nov. 22 that cybercriminals had breached customer payment information on 4,000 small businesses websites.