WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA) announced the Reduce the Risk of Ransomware Campaign today, a focused, coordinated and sustained effort to encourage public and private sector organizations to implement best practices, tools and resources that can help them mitigate this cybersecurity risk and threat.
Ransomware is increasingly threatening both public and private networks, causing data loss, privacy concerns, and costing billions of dollars a year. These incidents can severely impact business processes and leave organizations without the data they need to operate and deliver mission-critical services. Malicious actors have adjusted their ransomware tactics over time to include pressuring victims for payment by threatening to release stolen data if they refuse to pay and publicly naming and shaming victims as secondary forms of extortion.
“CISA is committed to working with organization at all levels to protect their networks from the threat of ransomware,” said Brandon Wales, Director (Acting) of CISA. “This includes working collaboratively with our public and private sector partners to understand, develop and share timely information about the varied and disruptive ransomware threats. Anyone can be the victim of ransomware, and so everyone should take steps to protect their systems.”
In this campaign, which will have a particular focus on supporting COVID-19 response organizations and K-12 educational institutions, CISA is working to raise awareness about the importance of combating ransomware as part of an organization’s cybersecurity and data protection best practices. Over the next several months, CISA will use its social media platforms to iterate key behaviors or actions with resource links that can help technical and non-technical partners combat ransomware attacks.
CISA established a new one-stop resource at cisa.gov/ransomware. On this page, interested partners will find four categories of ransomware resources:
- Alerts and Statements: Official CISA updates to help stakeholders guard against the ever-evolving ransomware threat environment. These alerts are geared toward system administrators and other technical staff…