CISA in partnership with FBI launched a joint public service announcement (PSA) to stay cybersecure this holiday season. While staffing is low and offices are closed during the holidays,with the recent disclosure of vulnerabilities in the widely used “log4j” software library, bad actors are actively seeking to take advantage of vulnerabilities inside organizations’ networks and systems.
Recommend cybersecurity best practices:
- Identify IT security employees available to surge in the event of an incident
- Require all staff use strong passwords and different passwords for each account
- Enable multi-factor authentication for all remote access and administrative accounts
- Ensure your remote desktop protocol (RDP) is secure and monitored
- Train employees to recognize phishing emails and not click suspicious links
- Review and update incident response and communications plans
- Stay alert over the holiday season and quickly report any suspicious activity
In light of persistent and ongoing cyber threats, CISA also released an Insights publication urging critical infrastructure owners and operators to take immediate steps to strengthen their computer network defenses against potential malicious cyberattacks. The CISA Insights and resources are available on CISA.gov.