Frame-14

Privacy Ninja

        • DATA PROTECTION

        • Email Spoofing Prevention
        • Check if your organization email is vulnerable to hackers and put a stop to it. Receive your free test today!
        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • AntiHACK Phone
        • Boost your smartphone’s security with enterprise-level encryption, designed by digital forensics and counterintelligence experts, guaranteeing absolute privacy for you and up to 31 others, plus a guest user, through exclusive access.

        • CYBERSECURITY

        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$3,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Secure your digital frontiers with our API penetration testing service, meticulously designed to identify and fortify vulnerabilities, ensuring robust protection against cyber threats.

        • Network Penetration Testing
        • Strengthen your network’s defenses with our comprehensive penetration testing service, tailored to uncover and seal security gaps, safeguarding your infrastructure from cyber attacks.

        • Mobile Penetration Testing
        • Strengthen your network’s defenses with our comprehensive penetration testing service, tailored to uncover and seal security gaps, safeguarding your infrastructure from cyber attacks.

        • Web Penetration Testing
        • Fortify your web presence with our specialized web penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats.

        • RAPID DIGITALISATION

        • OTHERS

US Govt Warns of Increased Ransomware Risks During Holidays

US Govt Warns of Increased Ransomware Risks During Holidays

The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI warned critical infrastructure partners and public/private sector organizations not to let down their defenses against ransomware attacks during the holiday season.

The two federal agencies’ warning was issued in the form of a joint advisory published Monday, “based on observations on the timing of high impact ransomware attacks that have occurred previously rather than a reaction to specific threat reporting.”

As previously observed, threat actors have often taken advantage of a decrease in readiness to respond to cybersecurity attacks during weekends and holidays to attempt breaches of critical networks and systems belonging to public and private sector orgs.

Also Read: Going Beyond DPO Meaning: Ever Heard of Outsourced DPO?

The two agencies also provide a list of mitigations, including the need to set up an IT security team ready to react to ransomware attacks even outside regular office hours.

Other best practices outlined in the joint alert include:

  • Implement multi-factor authentication for remote access and administrative accounts
  • Mandate strong passwords and ensure they are not reused across multiple accounts
  • If you use remote desktop protocol (RDP) or other potentially risky services, ensure it is secure and monitored      
  • Remind employees not to click on suspicious links, and conduct exercises to raise awareness
  • Review and, if needed, update incident response and communication plans that list actions an organization will take if impacted by a ransomware incident

“While we are not currently aware of a specific threat, we know that threat actors don’t take holidays,” said CISA Director Jen Easterly. “We urge all organizations to remain vigilant and report any cyber incidents to CISA or FBI.”

“The FBI is dedicated to combatting cyber-crimes targeting the American public and our private sector partners. Cyber criminals have historically viewed holidays as attractive times to strike,” added FBI Cyber Assistant Director Bryan Vorndran. 

Today’s warning follows a very similar one issued at the end of August, ahead of the Labor Day weekend, after noticing that highly impactful ransomware attacks commonly hit US organizations when offices are typically closed.

“CISA offers a range of no-cost cyber hygiene services—including vulnerability scanning and ransomware readiness assessments—to help critical infrastructure organizations assess, identify, and reduce their exposure to cyber threats,” the agencies added at the time.

Also Read: 5 Common Sections in an Agreement Form Example

“By taking advantage of these services, organizations of any size will receive recommendations on ways to reduce their risk and mitigate attack vectors.”

Last month, the Treasury Department’s Financial Crimes Enforcement Network (FinCEN) had also revealed the scale of financial losses suffered by ransomware targets in the previous few years by linking almost $5.2 billion in outgoing BTC transactions to paid ransoms.

inCEN’s report came on the heels of governments worldwide saying in mid-October that they will crackdown on cryptocurrency payment channels used by ransomware gangs.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us