FBI Warns of Heightened Ransomware and Cybersecurity Risks During M&A Transactions and Over the Holidays
December 1, 2021
Federal agencies are warning businesses and consumers of heightened ransomware risks. On November 1, 2021, the FBI issued a Private Industry Notification, warning businesses that ransomware actors are using significant financial events, such as mergers and acquisitions (“M&A”), to target victims for ransomware infections.
Ransomware is often a two-step process whereby hackers infiltrate a system via malware, and then identify and hold non-public information captive, seeking a ransom in exchange for the release of the information. The FBI warns that hackers research publicly available information, such as a victim’s stock valuation and recent M&A transactions, to gain entry into the business’s network. Events that may impact the victim’s stock price, such as an M&A announcement, can encourage ransomware attackers to target a business.
According to the FBI, between March and July 2020, at least three publicly traded US companies actively involved in M&A transactions were the victims of ransomware attacks during their respective negotiations.
Most recently, on November 22, 2021, the Cybersecurity and Infrastructure Security Agency (“CISA”) and the FBI issued an advisory, reminding people to be on alert for ransomware attacks and other cybersecurity attacks during the holiday season.
“Although neither CISA nor the FBI currently have identified any specific threats, recent 2021 trends show malicious cyber actors launching serious and impactful ransomware attacks during holidays and weekends, including Independence Day and Mother’s Day weekends,” the advisory says.
To help protect against ransomware attacks and decrease the severity of their impact, businesses should:
- Run and maintain offline backups of critical data, in the cloud or on an external hard drive.
- Secure data backups so that the backup is not accessible for modification or deletion from the system where the original information is housed.
- Install and update anti-virus and anti-malware software.
- Instruct employees to only use secure networks and avoid public Wi-Fi networks.
- Use multi-factor authentication when users log in.
- Require employees to use strong passwords and ensure they are not reused across multiple accounts.
- Remind employees not to click on suspicious links, and conduct regular tests and trainings to raise awareness.
- Identify employees who are on call for any IT security issues that arise on weekends or holidays.
- Ensure appropriate cybersecurity insurance coverage.
- Review and regularly update your company’s privacy and cybersecurity policies.
The Corporate and Litigation Groups at Levenfeld Pearlstein are available to assist with any cybersecurity issues you may have. We would be happy to review your existing privacy, security, or cyberinsurance policies and assist with drafting any necessary updates as well. Please don’t hesitate to reach out.