720-891-1663

Return to the list of client alerts

Labor Day is Almost Here-Remember What Happened Over July 4 – CISA Warns

Just a reminder.

The Russian ransomware gang REvil launched the Kasaya attack during the July 4th weekend. Hundreds of Managed Service Providers or MSPs were compromised with a supply chain attack and thousands of their customers, along with those MSPs, were crippled by ransomware attacks.

They picked July 4th weekend because many companies would be closed over the long weekend and many MSPs would be relaxing.

For the hackers, it was a perfect plan. And it worked. Big time. Credit: CSO Online

The FBI and CISA issued an alert for Labor Day weekend (AA21-243A) that says:

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have observed an increase in highly impactful ransomware attacks occurring on holidays and weekends—when offices are normally closed—in the United States, as recently as the Fourth of July holiday in 2021. The FBI and CISA do not currently have any specific threat reporting indicating a cyberattack will occur over the upcoming Labor Day holiday. However, the FBI and CISA are sharing the below information to provide awareness to be especially diligent in your network defense practices in the run up to holidays and weekends, based on recent actor tactics, techniques, and procedures (TTPs) and cyberattacks over holidays and weekends during the past few months. The FBI and CISA encourage all entities to examine their current cybersecurity posture and implement the recommended best practices and mitigations to manage the risk posed by all cyber threats, including ransomware.

Ransomware Awareness for Holidays and Weekends | CISA

The FBI points to attacks over the Memorial Day and July Fourth weekends this year and, given that those attacks were quite successful, they think that we might see an attack over Labor Day.

The FBI’s IC3 reported losses of over $4 billion in 2020, up 69 percent over 2019.

The alert provides both threat hunting techniques and best practices.

If you need help, please contact us.