Everyone looks forward to holiday weekends, including those who launch cybersecurity attacks. In a recent joint alert, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) warned that there has been an increase in highly impactful ransomware attacks occurring on holidays and weekends. In the past year, there have been notable cybersecurity attacks on federal holidays, including the Mother’s Day weekend attack on a U.S.-based critical infrastructure entity in the Energy Sector, the Memorial Day weekend attack on critical infrastructure in the Food and Agricultural Sector, and the Fourth of July weekend attack on the IT Sector.
The FBI and CISA warn that because offices are typically closed during these times, and key personnel may be on vacation, businesses and local governments may be more susceptible to ransomware attacks. Such attacks can be incredibly costly. In 2020 alone, businesses and governments paid over $400 million in ransomware payments, more than four times the amount paid in 2019. Despite the increase in ransomware payments, the U.S. government strongly discourages all businesses and citizens from paying ransom or extortion demands. Such payments not only encourage and enrich malicious cybersecurity actors, but also do not guarantee that companies will be able to regain access to their data or be free from similar future attacks. Moreover, if ransomware payments are used to fund conduct that violates the International Emergency Economic Powers Act (IEEPA), companies that made such payments may be strictly liable for violations.
To protect against cybersecurity attacks and ransomware threats, the FBI and CISA recommend that businesses back up all data using an offline database. They also recommend updating operating systems and software, using strong passwords, utilizing multifactor authentication, and avoiding clicking on suspicious links. Additionally, if you use Remote Desktop Protocol (RDP), it should be secured and regularly monitored. Finally, the agencies recommend that each business have a cybersecurity incident response plan that includes a system for notifying employees of cybersecurity attacks, response procedures, and a plan for operating without access to critical systems. If you are a victim of a cybersecurity attack, you should immediately report your circumstances to your local FBI office, call the FBI’s 24/7 Cyber Watch phone number at (855) 292-3937, or e-mail CyWatch@fbi.gov.
The attorneys at Fishel Downey regularly advise and train employers on cybersecurity best practices and responses. If you have a specific question or scenario and would like assistance, contact one of the attorneys at Fishel Downey Albrecht & Riepenhoff LLP at 614-221-1216.