Today, the Cybersecurity Infrastructure and Security Agency (CISA), the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint guide, Phishing Guidance: Stopping the Attack Cycle at Phase One. The joint guide outlines phishing techniques malicious actors commonly use and provides guidance for both network defenders and software manufacturers to reduce the impact of phishing techniques used in obtaining credentials and deploying malware.
05/23/2023 08:00 AM EDT
Today, CISA, the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) published an updated version of the #StopRansomware Guide, as ransomware actors have accelerated their tactics and techniques since its initial release in 2020. The update incorporates lessons learned from the past two years and includes additional recommended actions, resources, and tools to maximize its relevancy and effectiveness and to further help reduce the prevalence and impacts of ransomware.
The #StopRansomware Guide serves as a one-stop resource to help organizations reduce the risk of ransomware incidents through best practices to detect, prevent, respond, and recover, including step-by-step approaches to address potential attacks. The authoring organizations recommend that entities review this joint guide to prepare and protect their facilities, personnel, and customers from the impacts of ransomware and data exfiltration. For more information and to access the latest resources about how to stop ransomware, please visit stopransomware.gov.
This joint guide was developed through the Joint Ransomware Task Force (JRTF), an interagency collaborative effort to reduce the prevalence and impact of ransomware attacks. JRTF was established by Congress in 2022 and is co-chaired by CISA and FBI. For additional information about the JRTF, please visit CISA’s newly launched Joint Ransomware Task Force (JRTF) webpage.
October is Cybersecurity Awareness Month!
The session is open to small and medium-sized businesses that are interested in an introduction to cybersecurity concepts. If you own a small business, don’t miss this webinar about what you can do to ramp up your cybersecurity efforts.
Mr. Tannehill is the manager of the Trust & Safety team at Lumen Technologies. He is very passionate about cybersecurity.
As a retired US Air Force veteran, he works full time as an Information Security (InfoSec) leader with 24 years of progressive experience. His education includes an Associate’s degree in Information Systems Technology from the Community College of the Air Force. Mr. Tannehill has numerous IT industry standard certifications including CCNA, Project+, GSEC, CEH, as well as, CISSP (which remains in good standing).
Special thanks to our sponsors for creating this event as part of Cybersecurity Awareness Month.
July 14, 2021
New website provides cybersecurity resources from across the federal government
WASHINGTON – Today, as part of the ongoing response, agencies across the U.S. government announced new resources and initiatives to protect American businesses and communities from ransomware attacks. The U.S. Department of Homeland Security (DHS) and the U.S. Department of Justice (DOJ), together with federal partners, have launched a new website to combat the threat of ransomware. StopRansomware.gov establishes a one-stop hub for ransomware resources for individuals, businesses, and other organizations. The new StopRansomware.gov is a collaborative effort across the federal government and the first joint website created to help private and public organizations mitigate their ransomware risk.
“As ransomware attacks continue to rise around the world, businesses and other organizations must prioritize their cybersecurity,” said Secretary Mayorkas. “Cyber criminals have targeted critical infrastructure, small businesses, hospitals, police departments, schools, and more. These attacks directly impact Americans’ daily lives and the security of our Nation. I urge every organization across our country to use this new resource to learn how to protect themselves from ransomware and reduce their cybersecurity risk.”
“The Department of Justice is committed to protecting Americans from the rise in ransomware attacks that we have seen in recent years,” said Attorney General Garland. “Along with our partners in and outside of government, and through our Ransomware and Digital Extortion Task Force, the Department is working to bring all our tools to bear against these threats. But we cannot do it alone. It is critical for business leaders across industries to recognize the threat, prioritize efforts to harden their systems, and work with law enforcement by reporting these attacks promptly.”
StopRansomware.gov is the first central hub consolidating ransomware resources from all federal government agencies. Prior to today, individuals and organizations had to visit a variety of websites to find guidance, latest alerts, updates, and resources, increasing the likelihood of missing important information. StopRansomware.gov reduces the fragmentation of resources, which is especially detrimental for those who have become victims of an attack, by integrating federal ransomware resources into a single platform that includes clear guidance on how to report attacks, and the latest ransomware-related alerts and threats from all participating agencies. StopRansomware.gov includes resources and content from DHS’s Cybersecurity and Infrastructure Security Agency (CISA) and the U.S. Secret Service, the Department of Justice’s Federal Bureau of Investigation (FBI), the Department of Commerce’s National Institute of Standards and Technology (NIST), and the Departments of the Treasury and Health and Human Services.
Ransomware is a long-standing problem and a growing national security threat. Tackling this challenge requires collaboration across every level of government, the private sector, and our communities. Roughly $350 million in ransom was paid to malicious cyber actors in 2020, a more than 300% increase from the previous year. Further, there have already been multiple notable ransomware attacks in 2021 and despite making up roughly 75% of all ransomware cases, attacks on small businesses often go unnoticed. Like most cyber-attacks, ransomware exploits the weakest link. Many small businesses have yet to adequately protect their networks and StopRansomware.gov will help these organizations and many more to take simple steps to protect their networks and respond to ransomware incidents, while providing enterprise-level information technology (IT) teams the technical resources to reduce their ransomware risk.
DHS, DOJ, the White House, and our federal partners encourage all individuals and organizations to take the first step in protecting their cybersecurity by visiting StopRansomware.gov.