Security News > 2021 > September > Feds Warn of Ransomware Attacks Ahead of Labor Day

Though lots of people might be taking some time off over the Labor Day weekend, threat actors likely won't - which means organizations should remain particularly vigilante about the potential for ransomware attacks, the federal government has warned.

The now-infamous Colonial Pipeline attack by now-defunct ransomware group DarkSide that crippled the oil pipeline on the East Coast for some weeks after occurred in the lead-up to Mother's Day weekend, agencies observed.

Though the two ransomware players who launched these previous attacks are now gone, there are still plenty who are active, federal agencies warned.

The FBI's Internet Crime Complaint Center, which logs cyber incident complaints for various types of Internet crime, said attacks from the following ransomware variants have been the most frequently reported to the FBI over the last month: Conti, PYSA, LockBit, RansomEXX/Defray777, Zeppelin and Crysis/Dharma/Phobos.

Because threat actors often stake out victims and maintain a presence on a target network before the attack occurs, the FBI and CISA advise that one way organizations can mitigate attacks is to engage in "Preemptive threat hunting," they said.

"Threat hunting is a proactive strategy to search for signs of threat actor activity to prevent attacks before they occur or to minimize damage in the event of a successful attack," the agencies said in their advisory.

News URL

https://threatpost.com/ransomware-attacks-labor-day/169087/