The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have issued an advisory outlining mitigation measures that organizations in public and private sectors can implement to reduce the risk of ransomware attacks and other cyber incidents. CISA and the bureau have observed a rise in ransomware attacks during holidays and weekends.
The bureau and CISA recommend that organizations conduct preemptive threat hunting activities on their networks, such as understanding the baseline environment, reviewing data logs, using intrusion prevention and automated security alerting systems and deploying honeytokens.
They also suggested network best practices to mitigate the risk of compromise, including making an offline backup of data, updating software and operating systems, using strong passwords and multifactor authentication, implementing segmentation and creating an incident response plan.
CISA and the FBI also warn against paying a ransom to threat actors since it does not guarantee data recovery or protection from future attacks. Should organizations decide to pay the ransom or not, they should report attacks to the agencies to provide critical information to track attackers, help victims and hold criminal actors accountable.
“Ransomware continues to be a national security threat and a critical challenge, but it is not insurmountable,” said Eric Goldstein, executive assistant director for cybersecurity, CISA.
“With our FBI partners, we continue to collaborate daily to ensure we provide timely, useful and actionable advisories that help industry and government partners of all sizes adopt defensible network strategies and strengthen their resilience. All organizations must continue to be vigilant against this ongoing threat,” he added.
ExecutiveBiz, sister site of ExecutiveGov, will host a virtual event about securing the supply chain on Oct. 26. Visit ExecutiveBiz.com to sign up for the “Supply Chain Cybersecurity: Revelations and Innovations” forum.
