[TheRecord] White House double downs on warning about cyberattacks over the holidays

White House deputy national security adviser Anne Neuberger on Thursday urged U.S. organizations to be on guard against malicious digital activity ahead of the Labor Day holiday.

“We want to raise awareness and this need for awareness is particularly for critical infrastructure owners and operators who operate critical services for Americans,” Neuberger said during a White House press briefing. 

She emphasized that the administration has no specific threat information or insights about possible cyberattacks “but we do have this history.” This year’s three biggest ransomware incidents — on the Colonial Pipeline, meat processing giant JBS and software company Kaseya — all occurred over weekends and major holidays.

“Organizations and individuals should be on alert now because criminals sometimes lay their steps in advance and begin their planning,” Neuberger said. 

She added that hackers often target companies over holiday weekends when security operations centers may be understaffed. She encouraged corporate executives to bring together their leadership teams to take steps to mitigate the risk now, including applying software patches, making key personnel change their passwords, switching on multi-factor authentication and reviewing response plans.

The warning came days after the FBI and CISA issued a joint advisory that warned digital actors have “conducted increasingly impactful attacks against U.S. entities on or around holiday weekends over the last several months.”

Neuberger said security teams should proactively hunt across their networks for “signs of compromise or anything unusual on your network.” She also warned individuals to be “extra vigilant” about phishing emails.

Asked if the Kremlin had cracked down on ransomware gangs operating inside its borders following the June meeting between President Joe Biden and Russian President Vladimir Putin, Neuberger answered: “The discussions with the Russians continue. As President Biden noted, he’s looking for action, with regard to addressing cyber activity, and we continue to look for that.”

She said the U.S. has “noted the decrease in ransomware” but noted there “could be a host of reasons for it. So we’re noting that trend and we hope that that trend continues.”

Neuberger said the U.S. intelligence community is on alert and that agencies like the FBI are “fully postured and fully prepared” for possible incidents over the long weekend “so we could rapidly jump on them and respond to them.”

The post White House double downs on warning about cyberattacks over the holidays appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[HackerNews] SonicWall Releases Patches for New Flaws Affecting SSLVPN SMA1000 Devices

All posts, HackerNews

SonicWall has published an advisory warning of a trio of security flaws in its Secure Mobile Access (SMA) 1000 appliances, including a high-severity authentication bypass vulnerability. The weaknesses in question impact SMA 6200, 6210, 7200, 7210, 8000v running firmware versions 12.4.0 and 12.4.1. The list of vulnerabilities is below – CVE-2022-22282 (CVSS score: 8.2) – Unauthenticated Access Source: […]

Read More

[NCSC-FI News] Beastmode botnet boosts DDoS power with new router exploits

A Mirai-based distributed denial-of-service (DDoS) botnet tracked as Beastmode (aka B3astmode) has updated its list of exploits to include several new ones, three of them targeting various models of Totolink routers Totolink is a popular electronics sub-brand belonging to Zioncom that recently released firmware updates to fix three critical-severity vulnerabilities. Source: Read More (NCSC-FI daily […]

Read More

Daily NCSC-FI news followup 2021-02-06

Google fixes Chrome zero-day actively exploited in the wild www.bleepingcomputer.com/news/security/google-fixes-chrome-zero-day-actively-exploited-in-the-wild/ Google has addressed an actively exploited zero-day security vulnerability in the Chrome 88.0.4324.150 version released today, February 4th, 2020, to the Stable desktop channel for Windows, Mac, and Linux users. Eletrobras, Copel energy companies hit by ransomware attacks www.bleepingcomputer.com/news/security/eletrobras-copel-energy-companies-hit-by-ransomware-attacks/ Centrais Eletricas Brasileiras (Eletrobras) and Companhia […]

Read More

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.