FBI warns of ransomware attacks as Labor Day approaches

The FBI has issued an alert warning that the most successful ransomware hackers tend to strike during holidays and weekends, when offices are normally closed. While there’s no specific additional threat for the upcoming three-day weekend, officials did say businesses would be wise to be on guard.

“The FBI and CISA [Cybersecurity and Infrastructure Security Agency] do not currently have any specific threat reporting indicating a cyberattack will occur over the upcoming Labor Day holiday. However, the FBI and CISA are sharing the below information to provide awareness to be especially diligent in your network defense practices in the run-up to holidays and weekends, based on recent actor tactics, techniques, and procedures and cyberattacks over holidays and weekends during the past few months.”

As of July 31, the FBI’s Internet Crime Complaint Center has received 2,084 ransomware complaints, totaling over $16.8 million in losses year to date. That’s a 62% increase in reported incidents and a 20% increase in reported losses, compared with the same time frame in 2020.

And three big attacks have occurred over holidays. During Mother’s Day in May, attackers likely associated with DarkSide paralyzed the Colonial Pipeline, a vital piece of infrastructure supplying millions of Americans with gasoline. That same month, over Memorial Day, meatpacking giant JBS was hit by ransomware group REvil. And over July 4, REvil was linked to a ransomware attack that crippled well over 1,000 organizations globally by targeting Florida-based software provider Kaseya.

Cybercriminals typically target U.S. holidays when IT staff are likely to be out of town, making it harder to react quickly to an attack and giving the hackers more time to try various passwords and usernames and extend their reach to more devices.