Federal Agencies Warn of Heightened Ransomware and Cybersecurity Risks

Originally published on December 1, 2021 and updated on December 7, 2022.

Federal agencies are warning businesses and consumers of heightened ransomware risks. On December 1, 2022, the Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigations (FBI) issued a joint statement warning of ransomware risks. Additionally, on November 23, 2022, the CISA issued a reminder to stay vigilant during the holiday season.

“As the nation’s cyber defense agency, our goal is to make sure Americans are safe online, especially during the holiday season,” said CISA Director Jen Easterly. “By following a few guiding principles like checking your devices, shopping from trusted sources, using safe purchasing methods, and following basic cyber hygiene like multi-factor authentication, you can drastically improve your online safety when shopping online for gifts this year. Your cyber safety should be treated like your physical safety. Stay vigilant, take steps protect yourself, and trust your instincts. If you see something that doesn’t look right, there’s a good chance it isn’t.”

Last year, the FBI issued a Private Industry Notification, warning businesses that ransomware actors are using significant financial events, such as mergers and acquisitions (“M&A”), to target victims for ransomware infections.

Ransomware is often a two-step process whereby hackers infiltrate a system via malware, and then identify and hold non-public information captive, seeking a ransom in exchange for the release of the information. The FBI warns that hackers research publicly available information, such as a victim’s stock valuation and recent M&A transactions, to gain entry into the business’s network. Events that may impact the victim’s stock price, such as an M&A announcement, can encourage ransomware attackers to target a business.

According to the FBI, between March and July 2020, at least three publicly traded US companies actively involved in M&A transactions were the victims of ransomware attacks during their respective negotiations.

To help protect against ransomware attacks and decrease the severity of their impact, businesses should:

• Run and maintain backups of critical data offline in the cloud or on an external hard drive.
• Secure data backups so that the back-up is not accessible for modification or deletion from the system where the original information is housed.
• Install and update anti-virus and anti-malware software.
• Instruct employees to only use secure networks and avoid public Wi-Fi networks.
• Use multi-factor authentication when users log in.
• Require employees to use strong passwords and ensure they are not reused across multiple accounts. 
• Remind employees not to click on suspicious links, and conduct regular tests and trainings to raise awareness. 
• Identify employees who are on call for any IT security issues that arise on weekends or holidays.
• Ensure appropriate cybersecurity insurance coverage.
• Review and regularly update your company’s privacy and cybersecurity policies.

The Corporate and Litigation Groups at Levenfeld Pearlstein are available to assist with any cybersecurity issues you may have. We would be happy to review your existing privacy, security, or cyber insurance policies and assist with drafting any necessary updates as well. Please don’t hesitate to reach out.