

CISA reminds organizations to remain vigilant during the holidays


The Cybersecurity & Infrastructure Security Agency (CISA) reminds organizations in a recent statement to stay alert over the holidays. The statement, released with the Federal Bureau of Investigation (FBI), advises critical infrastructures that “malicious cyber actors aren’t making the same holiday plans.”

The reminder comes amid an increase in cyberattacks, especially ransomware attacks, against organizations that work with sensitive or critical information. This includes covered entities that must maintain HIPAA compliance and demonstrate due diligence when safeguarding protected health information (PHI).

SEE ALSO: HIPAA compliant email

Threat actors typically intensify cyberattacks during the holidays, so this CISA alert provides specific techniques that organizations can use during these times.

 

Don’t let your guard down

CISA recommends that organizations continue to care for their cyber health “during the upcoming holiday season—a time during which offices are often closed, and employees are home with their friends and families.”

CISA states that there is no specific threat, but the agency does point out that several serious 2021 cyberattacks occurred during holiday weekends. These include the ransomware attack on Colonial Pipeline over Mother’s Day weekend as well as the Kaseya VSA “ransomware tsunami” over Independence Day weekend.

Such cyberattacks cause much disruption and chaos; some researchers even call the current uptick in attacks a ransomware epidemic. And for healthcare providers, seen as juicy targets by cyberattackers, the cost of such attacks is distressing.

RELATED: Ransomware is more common in healthcare than you think

This is why CISA and the FBI urge organizations “to examine their current cybersecurity posture and implement best practices and mitigations to manage the risk posed by cyber threats.”

 

What it means to be vigilant

The alert focuses on proactive actions that stop organizations from becoming victims during the holiday season, concentrating on a few techniques:

 

SEE ALSO: A tired, stressed staff raises cybersecurity risks

The agencies then list several techniques hackers utilize to cause data breaches including phishing, website spoofing, and unencrypted transactions. Finally, the statement provides a directive should an organization become a victim: review and update incident and business recovery plans. And these plans must include a set of actions or steps to take after a breach as well as a list of contacts to reach out to.

 

Vigilance beyond holidays—always employ strong cybersecurity

This reminder should prompt organizations to always remain attentive.

RELATED: Catching ransomware before it catches you

In general, a strong, consistent cybersecurity program must use layers of protection including CISA’s recommendations above. Organizations must keep up-to-date policies and procedures, including recovery and backup plans so that everyone knows what to do. But access controls may need to go beyond MFA and password security with privileged access management.

Finally, while employee training is a critical step, it is not enough on its own. Other security procedures to consider include separate/offline backups, patched and updated legacy systems, encryption at rest and in transit, antivirus software, and, given the nature of most ransomware attacks, email security (i.e., HIPAA compliant email).

 

Protect the most vulnerable threat vector: email

Email is the most accessible threat vector (or entry point) into any system, which is why email security is vital. Employing HIPAA compliant email with strong inbound and outbound email security is crucial to safeguarding PHI.

RELATED: Why healthcare providers should use HIPAA compliant email

Paubox Email Suite Plus protects email from threats like phishing and domain name spoofing. In fact, our HITRUST CSF certified solution comes with Zero Trust Email, which adds a layer of verification even before an email gets delivered. Paubox Email Suite Plus requires no change in email behavior and is operational from any existing email platform (e.g., Microsoft 365 and Google Workspace).

This means complete peace of mind since any possible back door is kept locked and safe. Ultimately, organizations must find their own combination of cybersecurity methods, but whatever the combination, they should always be attentive. Cyberattacks can halt an organization’s operations and cause a ripple effect of problems throughout. This is why vigilance is always necessary, even during a holiday.

 