CISA & Partners Release Updated StopRansomware Guide
An updated version of the StopRansomware Guide has been published that includes further recommendations on actions that can be taken to reduce the risk of ransomware attacks. The StopRansomware Guide is a one-stop resource developed by the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), National Security Agency (NSA), and Multi-State Information Sharing and Analysis Center (MS-ISAC) that details best practices for detecting, preventing, responding to, and recovering from ransomware attacks and provides step-by-step approaches for addressing potential attacks. The updated guide was produced through the Joint Ransomware Task Force (JRTF), which was set up by Congress in 2022 to deal with the growing threat of ransomware attacks.
The StopRansomware Guide can be used by government agencies and organizations and businesses of all sizes to ensure appropriate defenses are in place to block attacks and can help with the development, implementation, and maintenance of incident response plans to ensure the fastest possible recovery in the event of an attack. The updated guide includes new recommendations for hardening defenses against the most common initial access vectors that are used by ransomware gangs and initial access brokers for gaining a foothold in networks, including compromised credentials, brute force attempts to obtain passwords, phishing, and advanced social engineering, along with information on securing cloud backups and tips for threat hunting.
The StopRansomware Guide is divided into two parts. The first part provides comprehensive, relevant, and proven best practices that can be adopted to reduce risk, including identifying critical data that needs protecting and proactive steps that can help with ransomware attack mitigation. The second part of the guide provides detailed information on detection, analysis, containment, eradication, and post-incident recovery, and includes a checklist to guide organizations through a methodical, measured, and properly managed incident response approach.
“With our FBI, NSA and MS-ISAC partners, we strongly encourage all organizations to review this guide and implement recommendations to prevent potential ransomware incidents,” wrote CISA. “In order to address the ransomware epidemic, we must reduce the prevalence of ransomware intrusions and reduce their impacts, which include applying lessons learned from ransomware incidents that have affected far too many organizations.”
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
The updated StopRansomware Guide can be downloaded from CISA on this link.