FBI, CISA warns ransomware attacks surge over holiday weekends: 6 things to know this Labor Day weekend

The FBI and Cybersecurity and Infrastructure Security Agency are warning companies of the increased risk of ransomware attacks over Labor Day weekend.

The FBI and CISA said there are surges in ransomware attacks on holidays and weekends when offices are traditionally closed, according to an Aug. 31 CISA report. The federal agencies observed ransomware attacks consistently on holiday weekends, such as the Fourth of July, Mother's Day weekend and Memorial Day weekend. The FBI and CISA said there is no indication that a ransomware attack will occur over the weekend, but wanted organizations to be aware of the increased threat level.

Six things to know:

1. The FBI's Internet Crime Complaint Center received 791,790 complaints about internet crime in 2020, with losses reportedly exceeding $4.1 billion. From January to July 31, 2021, the center has received 2,084 ransomware complaints with over $16.8 million in losses, a 62 percent increase in reporting and a 20 percent increase in reported losses compared to the same time frame in 2020.
   
   
2. Conti, PYSA, LockBit, RansomEXX/Defray777, Zeppelin and Crysis/Dharma/Phobos are the ransomware variants most frequently reported to the FBI.
   
   
3. Hackers are increasingly threatening to publicly name affected victims and release their sensitive data to push affected organizations to pay a ransom.
   
   
4. The two most common initial access points are phishing and brute force attacks on remote desktop endpoints. Other common tactics of initial infection include deploying malware, exploiting software, exploiting managed service providers with access to customer networks and purchasing stolen credentials on the dark web.
   
   
5. Hackers use the access to evaluate a victim's ability to pay a ransom, to evaluate the victim's incentive to pay ransomware to regain access to their data or avoid it being leaked, or to gather information for follow-up attacks.
   
   
6. The FBI and CISA suggest organizations proactively hunt for threats in their networks to search for signs of unauthorized activity. Threat actors can be present for a long time before they lock down the system and request ransom payment.
   
   To read the full list of threat mitigations, click here.