The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI urged businesses to be "especially diligent" about their network security practices. While officials said they were not currently aware of a specific threat, they noted a trend of "increasingly impactful attacks" targeting U.S. entities on weekends and holidays, when offices are typically closed.
"The FBI and CISA do not currently have specific information regarding cyber threats coinciding with upcoming holidays and weekends," the agencies said in an alert. "Cyber criminals, however, may view holidays and weekends – especially holiday weekends – as attractive timeframes in which to target potential victims, including small and large businesses."
A series of high-profile ransomware attacks targeting key infrastructure have occurred over holiday weekends this year. Russia-linked group REvil conducted ransomware attacks on IT software firm Kaseya over Fourth of July weekend and against meat supplier JBS over Memorial Day weekend.
Another group, DarkSide, launched an attack heading into Mother’s Day weekend last May.
Cybersecurity officials urged U.S. companies and operators to take steps to defend against ransomware attacks, including preemptive threat-hunting scans on their networks, use of multi-factor authentication and the development of an incident response plan, among other measures.
The agencies also warned companies that ransom payments did not guarantee that an attack would be resolved. Government officials, including top lawmakers, have urged companies not to make payments.
Eric Goldstein, an executive assistant director for cybersecurity at CISA, said ransomware "continues to be a national security threat and a critical challenge, but it is not insurmountable."
"With our FBI partners, we continue to collaborate daily to ensure we provide timely, useful and actionable advisories that help industry and government partners of all sizes adopt defensible network strategies and strengthen their resilience," he added. "All organizations must continue to be vigilant against this ongoing threat."