Airtel’sFeds Warn of Ransomware Attacks Ahead of Labor Day mobile app hit with security flaw which left millions of user data exposed

Somya Bansal

September 1, 2021

The federal government has warned that threat actors might use the Labor Day weekend as a prime opportunity to ambush organizations when several staff would be taking time off, leaving behind a skeleton crew to oversee IT and network infrastructure and security. That’s because the absence of key personnel makes it less likely that targeted organizations can quickly detect and contain attacks, giving additional time to attackers to exfiltrate more sensitive data or lock up more computers with ransomware, than they might have been able to. A joint cybersecurity advisory was put out by the FBI and CISA on Tuesday. Though haven’t discovered any specific threat, still better to be safe than sorry, given the cyber-attacks history, said the agencies. Some of the history of holiday cyberattacks include the now-infamous Colonial Pipeline Attacks by now-defunct ransomware group DarkSide that crippled the oil pipeline on the East Coast for some weeks in the lead up to Mother’s Day weekend. Later in May, REvil ransomware group forced the shutdown of some operations of JBS Foods(largest meat distributor) over the Memorial Day Weekend. Also over the Fourth of July holiday, a massive supply-chain attack by REvil exploited zero-day vulnerabilities in the Kaseya Virtual System/Server Administrator (VSA) platform. The FBI’s Internet Crime Complaint Center (IC3) for cybercrime pointed out many ransomware variants including Conti, LockBit, PYSA and Zeppelin among many. Just this week another ransomware LockFile, which uses a never-before seen type of “intermittent” encryption tactic to evade detection, was reported by the researchers at Sophos. The FBI and CISA advise organizations to engage in “preemptive threat hunting” to mitigate these attacks.

Abridged fromThreat Post