Dangerous Holiday Weekend for Cyber Crime


Last week was a doozy in terms of cybersecurity breaches. Shortly after festivities for Labor Day weekend ended, the headlines proved organizations can never afford to let their guard down when it comes to protecting against, detecting, and responding to cybersecurity threats. Unfortunately, the first half of 2022 saw 817 cases of compromised data in the U.S., according to Statista, and at least 53 million individuals have been affected by data breaches, data leakages, and data exposures already this year.

On September 6, the Los Angeles Unified School District announced it was the victim of a ransomware attack over the holiday weekend. Superintendent Alberto Carvalho said the district benefitted from an “extraordinary level of collaboration and cooperation” from partners as well as the FBI (Federal Bureau of Investigation). With the help of special agents and staff, the school system was able to offer a full school day as planned on Tuesday after the holiday weekend, although the effects were felt by many thousands of students and employees who were forced to change their passwords before they could access school systems.

The ransomware attack is thought to have originated from outside the country, and reports suggest the school did not pay a ransom. It’s best practice to not pay the ransom, but this is much easier said than done. The 2022 Immersive Labs Cyber Workforce Benchmark study showed that in ransomware simulations, 25% of respondents in the education sector paid the ransom—the highest percentage among industries surveyed.

Also on September 6, InterContinental Hotels Group announced unauthorized access to its technology systems beginning on Labor Day. The company, which operates more than 6,000 hotels globally, reports its booking channels and other applications were “significantly disrupted”, although the hotels were still able to operate and take reservations in person. While there’s still not a lot of information about this cyber attack, it shows that holidays are prime time for cybercriminals to try their hand at causing disruptions, because they assume companies will not be paying attention as closely as usual.

Shortly after these attacks, the FBI, CISA (Cybersecurity and Infrastructure Security Agency), and the MS-ISAC (Multi-State Information Sharing and Analysis Center) released a joint statement warning that cyber criminals seem to be “disproportionately targeting the education sector” with ransomware attacks. CISA points out in the alert that K-12 schools have seen an upswing in ransomware attacks during the past several years and that the government expects the trend to continue into the 2022-2023 school year.

In order to prepare for such attacks, CISA advises K-12 organizations to maintain offline backups of data, regularly maintain backup and restoration, and ensure all backup data is encrypted and immutable. CISA also recommends organizations make sure the security of the vendors connected to their organizations also have strong security and are being monitored continuously for potential breaches. Among other recommendations, including specific tips for identity and access management for educational institutions, CISA also encourages the sector to implement recovery plans that can help organizations react and recover in the event of a cyberattack. Hopefully, the latest cyberattacks in education and hospitality will prompt organizations in these sectors and beyond to take proper—and maybe even extra—precautions to prevent themselves from being the next victim to make headlines.

Want to tweet about this article? Use hashtags #IoT #sustainability #AI #5G #cloud #edge #digitaltransformation #machinelearning #cybersecurity #security #ransomware #cyberattack #education #hospitality #CISA #InterContinentalHotelsGroup