CISA, FBI issue holiday warning about hackers, urge vigilance
Image: Tyler Donaghy
Martin Matishak November 22, 2021

CISA, FBI issue holiday warning about hackers, urge vigilance

CISA, FBI issue holiday warning about hackers, urge vigilance

Hackers could try to ruin your holiday season, the Cybersecurity and Infrastructure Security Agency and the FBI warned on Monday.

The organizations issued a joint advisory just a few days before Thanksgiving to remind “critical infrastructure partners that malicious cyber actors aren’t making the same holiday plans as you.”

“Recent history tells us that this could be a time when these persistent cyber actors halfway across the world are looking for ways — big and small — to disrupt the critical networks and systems belonging to organizations, businesses, and critical infrastructure,” the advisory states.

The holiday season has long been prime time for hackers and cybercriminals to target consumers with phishing and other attacks, ultimately compromising organizations.

The three biggest ransomware attacks of 2021 — against the Colonial Pipeline, meat processing giant JBS and software company Kaseya — all occurred over weekends and major holidays.

Neither CISA, nor the FBI, “currently have identified any specific threats,” according to the advisory. 

However, they note, “recent 2021 trends show malicious cyber actors launching serious and impactful ransomware attacks during holidays and weekends,” including Independence Day and Mother’s Day.

The organizations provided a checklist of actions executives and organizations should take to better protect themselves against malicious actors that includes such staples as applying software patches, switching on multi-factor authentication and reviewing existing response plans.

“CISA and the FBI urge users and organizations to take these actions immediately to protect themselves against this threat,” the advisory warns.

Martin is a cybersecurity reporter for The Record. He spent the last five years at Politico, where he covered Congress, the Pentagon and the U.S. intelligence community and was a driving force behind the publication's cybersecurity newsletter.