Security News > 2021 > September > Feds Warn of Ransomware Attacks Ahead of Labor Day
Though lots of people might be taking some time off over the Labor Day weekend, threat actors likely won't - which means organizations should remain particularly vigilante about the potential for ransomware attacks, the federal government has warned.
The now-infamous Colonial Pipeline attack by now-defunct ransomware group DarkSide that crippled the oil pipeline on the East Coast for some weeks after occurred in the lead-up to Mother's Day weekend, agencies observed.
Though the two ransomware players who launched these previous attacks are now gone, there are still plenty who are active, federal agencies warned.
The FBI's Internet Crime Complaint Center, which logs cyber incident complaints for various types of Internet crime, said attacks from the following ransomware variants have been the most frequently reported to the FBI over the last month: Conti, PYSA, LockBit, RansomEXX/Defray777, Zeppelin and Crysis/Dharma/Phobos.
Because threat actors often stake out victims and maintain a presence on a target network before the attack occurs, the FBI and CISA advise that one way organizations can mitigate attacks is to engage in "Preemptive threat hunting," they said.
"Threat hunting is a proactive strategy to search for signs of threat actor activity to prevent attacks before they occur or to minimize damage in the event of a successful attack," the agencies said in their advisory.
News URL
https://threatpost.com/ransomware-attacks-labor-day/169087/
Related news
- BlackCat ransomware shuts down in exit scam, blames the "feds" (source)
- Fidelity customers' financial info feared stolen in suspected ransomware attack (source)
- Fidelity customers' financial info feared stolen in suspected ransomware attack (source)
- Alert: GhostSec and Stormous Launch Joint Ransomware Attacks in Over 15 Countries (source)
- Duvel says it has "more than enough" beer after ransomware attack (source)
- FBI: Critical infrastructure suffers spike in ransomware attacks (source)
- JetBrains TeamCity under attack by ransomware thugs after disclosure mess (source)
- Possible China link to Change Healthcare ransomware attack (source)
- Change Healthcare registers pulse after crippling ransomware attack (source)
- BianLian Threat Actors Exploiting JetBrains TeamCity Flaws in Ransomware Attacks (source)