Agencies ramp up ransomware defenses
Federal agencies are stepping up their efforts to help public- and private-sector organizations protect themselves from attack.
The new website StopRansomware.gov aims to be a one-stop shop where individuals, businesses and other organizations can find resources to help mitigate their ransomware risk.
Launched July 15 by the Departments of Justice, Homeland Security and other federal partners, the site consolidates ransomware information from all federal agencies, reducing the chances organizations miss important information on the latest ransomware-related alerts and threats from DHS’s Cybersecurity and Infrastructure Security Agency, the Secret Service, the FBI, the Department of Commerce’s National Institute of Standards and Technology, and the Departments of the Treasury and Health and Human Services.
StopRansomware.gov aims to help organizations take simple steps to protect their networks and respond to ransomware incidents, while providing enterprise-level IT teams the technical resources to reduce their ransomware risk, Justice officials said.
The site also includes the latest news and alerts as well as clear guidance on how to report attacks, isolate and triage affected systems and contain and mitigate the impact. It also features a section for state, local, tribal and territorial governments listing no-cost services – such as self-assessments and training -- they can use to guard against ransomware and attacks against election infrastructure.
CISA recently released catalog of bad practices, targeting organizations that support critical infrastructure. The first two items address the use of unsupported (or end-of-life) software and the use of known/fixed/default passwords and credentials.
The State Department announced July 15 that its Rewards for Justice program is now offering rewards up to $10 million for information “leading to the identification or location of any person who, while acting at the direction or under the control of a foreign government, participates in malicious cyber activities against U.S. critical infrastructure in violation of the Computer Fraud and Abuse Act.” RFJ has set up a tip-reporting channel on the Dark Web to protect the safety and security of potential sources.
Also on July 15, the Treasury Department’s Financial Crimes Enforcement Network announced it is planning an August event to help its public- and private-sector partners with next steps to address and mitigate ransomware as part of a whole-of-government effort. The ability to detect and report ransomware payments is critical to not just preventing and deterring attacks, but also holding attackers accountable FinCEN officials said.
“The surge in ransomware attacks threatens our critical infrastructure, municipalities and the most vulnerable among us,” FinCEN’s acting Director Michael Mosier said. “Since this extortion threatens our collective safety, it is critical that we collaboratively gather to confront this threat together and determine the best way to increase our collective resilience to these malicious attacks.”
“Cyber criminals have targeted critical infrastructure, small businesses, hospitals, police departments, schools and more. These attacks directly impact Americans’ daily lives and the security of our nation,” DHS Secretary Alejandro Mayorkas said. “I urge every organization across our country to use [StopRansomware.gov] to learn how to protect themselves from ransomware and reduce their cybersecurity risk.”
Connect with the GCN staff on Twitter @GCNtech.