Most of the recent ransomware attacks resulted in data breaches for the victims: threat actors implemented a double-extortion scheme, threatening the victims over the data they stole before encrypting it on compromised systems.
Over the past several years, government agencies and their partners have responded to a significant number of ransomware attacks, including recent attacks against Colonial Pipeline and U.S. software company Kaseya.
The guidance aims to help government and private sector organizations prevent this kind of incident.
“All organizations are at risk of falling victim to a ransomware incident and are responsible for protecting sensitive and personal data stored on their systems. This fact sheet provides information for all government and private sector organizations, including critical infrastructure organizations, on preventing and responding to ransomware-caused data breaches.” reads CISA’s guideline. “CISA encourages organizations to adopt a heightened state of awareness and implement the recommendations”
CISA recommends that organizations implement the best practices included in its fact sheet to prevent cyber attacks. The list of best practices includes:
The fact sheet also recommends that organizations protect sensitive data belonging to customers or employees.
In July, the US Cybersecurity and Infrastructure Security Agency (CISA) released the Ransomware Readiness Assessment (RRA), a new ransomware self-assessment security audit tool for the agency’s Cyber Security Evaluation Tool (CSET). Organizations can use the RRA to determine their level of exposure to ransomware attacks against their information technology (IT), operational technology (OT), or industrial control system (ICS) assets.
(SecurityAffairs – hacking, CISA)