Ransomware has become a significant cyber threat to our Nation, claiming victims such as local governments, hospital networks, and most recently K-12 schools. While ransomware incidents are prevalent among government entities and critical infrastructure organizations, individuals are still very much at risk. Malicious actors can target anyone with a device connected to the internet or important data stored on their network.
Ransomware is a type of malicious software, or malware, designed to infect computers and encrypt files until a sum of money or other form of ransom is paid. After the initial infection, ransomware will attempt to spread to connected systems, including shared storage drives and other accessible devices.
Consequences of a ransomware attack can be severe and there is no guarantee a user will recover the files, even after paying the ransom. On a personal level, an infection can result in financial damage or disclosure of sensitive information. On an organizational level, ransomware can cause business disruptions, financial strain from a payout or costly investigations, and reputational damage causing loss of current or potential customers.
To help spread awareness about ransomware attacks, protective measures, and response tactics the Cybersecurity and Infrastructure Security Agency (CISA) developed the following resources:
- CISA Ransomware: a webpage full of resources to help individuals and organizations protect, detect, respond to, and recover from a ransomware attack, including alerts, fact sheets, trainings, and more.
- Ransomware Guide – Prevention Best Practices and Response Checklist: a customer centered, one-stop resource with best practices and ways to prevent, protect and respond to a ransomware attack
- CISA INSIGHTS – Ransomware Outbreak: provides background information on specific cyber threats and the vulnerabilities they exploit, as well as a ready-made set of mitigation activities
- US-CERT Alerts – Protecting Against Ransomware: security tips from the National Cyber Awareness System to protect yourself against ransomware
- Ransomware Reference Materials for K-12: information about increased cyber-attacks on K-12 schools and remote learning and best practices to avoid becoming a victim of ransomware
- K-12 Remote Learning Fact Sheet: resource for non-technical educational professionals, and includes general cybersecurity best practices, video-conferencing best practices, and a list of available resources
Victims of ransomware should report it immediately to CISA at www.us-cert.cisa.gov/report, a local FBI Field Office, or Secret Service Field Office.
