Two federal agencies warned Americans to “remain vigilant” about their online security during the long Thanksgiving weekend after a year full of high-profile hacks.
The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) issued guidance Monday on best practices for individuals and organizations to avoid being victimized by cyberattacks.
The two agencies did not identify any specific threats.
The recommendations included that companies identify IT security employees for the holidays, implement multi-factor authentication while employees work remotely, use strong one-time passwords, ensure remote desktop protocol is secure and monitored, and remind employees not to click on suspicious links.
CISA and the FBI also recommended users watch carefully for “phishing” scammers who disguise themselves as fake charities, as well as fraudulent sites imitating reputable businesses and hoping to ensnare Americans doing their holiday shopping online.
White House press secretary Jen Psaki highlighted the warning during Tuesday’s press briefing, urging businesses and other organizations to read through the advisory and implement the recommended practices.
“We’ve seen in the past that sometimes those threats — there’s an uptick around holidays, so we’re mindful of that,” Psaki said. “Their — and their advisory is based on that.”
The agencies cited recent trends of “malicious cyber actors” launching major ransomware attacks on holidays such as the Fourth of July and Mother’s Day.
Over Independence Day weekend, a cyberattack by the Russia-based hacking group REvil affected as many as 1,500 businesses in at least 14 countries.
The breach did not appear to affect vital infrastructure in the US and only caused “minimal damage,” according to the White House.
Days later, President Biden urged Russian President Vladimir Putin to crack down on cyberattacks emanating from his country. However, Biden stopped short of holding the Kremlin responsible for the July Fourth attacks.
“I made it very clear to him that the United States expects, when ransomware operation is coming from his soil — even though it’s not, not sponsored by the state — we expect them to act if we give them enough information to act on who that is,” Biden told reporters, adding that the call “went well, and I’m optimistic.”
When asked if there would be “consequences” for the attacks, the president responded “Yes,” before exiting the room.
At the time, Biden said he believed “we’re going to get cooperation” when asked what consequences Putin could face.
In recent years, the US has faced multiple cyberattacks from Russia, including one last year in which hackers gained access to approximately 27 US attorney offices across the country.
Russian-linked hackers behind last year’s SolarWinds cyberattack have been accused of targeting hundreds of companies and organizations in ongoing attacks since May.
During his meeting with Putin, Biden “underscored the need for Russia to take action to disrupt ransomware groups operating in Russia,” according to the White House. The administration added that the US “will take any necessary action to defend its people and its critical infrastructure.”