The 2023 version offers more detailed, step-by-step guidance and associated recommendations to fortify public and private networks against sophisticated ransomware.
Three federal agencies leading national cybersecurity efforts released a new guide specifically aimed to stop ransomware threats and actors through a new series of best practices for all industries.
Compiled with the help of the Cybersecurity and Infrastructure Security Agency, Federal Bureau of Investigation, National Security Agency and Multi-State Information Sharing and Analysis Center—a CISA-supported collaborative for state, local and tribal governments—the new #StopRansomware Guide was published on Tuesday in the wake of escalating ransomware attacks across multiple sectors.
CISA announced the release of the updated guide, building off of an earlier 2020 version. Some of the major changes focus on patching up password and login vulnerabilities, as well as social engineering tactics that are becoming more prevalent across social media.
“With our FBI, NSA and MS-ISAC partners, we strongly encourage all organizations to review this guide and implement recommendations to prevent potential ransomware incidents,” said Eric Goldstein, CISA’s executive assistant director for cybersecurity. “In order to address the ransomware epidemic, we must reduce the prevalence of ransomware intrusions and reduce their impacts, which include applying lessons learned from ransomware incidents that have affected far too many organizations.”
Initial recommendations in the report include maintaining offline, encrypted backups of critical data, creating and abiding by a formal cyber incident response plan, utilizing zero-trust architecture, conducting frequent vulnerability scans and limiting remote operations to close potential access points to proprietary networks.
“While the FBI continues to prevent and disrupt cyber attacks we cannot win the fight against ransomware attacks alone: We urge all organizations to implement these recommendations to ensure stronger resiliency for their networks,” said Assistant Director of the FBI's Cyber Division Bryan Vorndran in a press release.
The latter portion of the document provides more through step-by-step processes to implement several of these recommendations, specifying code that can serve as common access points for ransomware actors to exploit.
It also contains reporting and notification instructions to submit incidents and breaches to law enforcement and stakeholders.
“Share the information you have at your disposal to receive timely and relevant assistance,” the guide says. “Keep management and senior leaders informed via regular updates as the situation develops.”
A primary goal of the #StopRansomware Guide is to provide resources and knowledge to institutions with sensitive information that do not necessarily have sufficient funding to hire cybersecurity consultants or adopt new technology.