In response to the massively increasing number of ransomware attacks, The U.S. Department of Justice (DOJ) and the U.S. Department of Homeland Security (DHS), together with federal partners, have decided to launch an online tool called Stop Ransomware. The tool is aimed at helping both private and public entities improve their level of cyber security. This project marks the first joint initiative designed to mitigate the risk of ransomware.
Developing an effective response capability to ransomware requires taking specific steps for prevention, preparation, detection, verification, containment, eradication, and recovery. With LIFARS Ransomware Response Package, you will have the tools, processes, and team at your disposal to stand ready for even the most devious ransomware attack.
“Cyber criminals have targeted critical infrastructure, small businesses, hospitals, police departments, schools and more. These attacks directly impact Americans’ daily lives and the security of our nation. I urge every organization across our country to use this new resource to learn how to protect themselves from ransomware and reduce their cybersecurity risk”, said Secretary Alejandro Mayorkas for the Department of Homeland Security.
The StopRansomware.gov website offers answers to 3 basic questions:
- What is ransomware?
- Have you been hit by ransomware?
- How to avoid being hit by ransomware?
The StopRansomware.gov website is also a place where links to various referral resources related to the three main sections mentioned above are collected. The main resource in the “What is ransomware” section is CISA’s Ransomware Guide, containing “Ransomware Prevention Best Practices” and a “Ransomware Response Checklist.”
The main sources also include:
Fact Sheets & Information
This section provides insightful information to help organizations and individuals better understand the threats and consequences of a ransomware attack. Basic information on Ransomware, its specific variants, as well as information related to investigation and payment are presented. Other sections address specific sectors that are often targeted by ransomware, namely healthcare and education.
If you want to learn more about how to protect yourself from ransomware and what to do if you have already been affected by ransomware, you need to go to Ransomware 101. There are also frequently asked questions from the field as well as general information.
This section contains free services for home users, organizations and technicians that can help protect them from the growing threat of ransomware. In general, services such as Cyber Hygiene Services and Cyber Security Evaluation Tool (CSET) are recommended for organizations.
The website also features a section called Training, which is targeted to both technical and non-technical audiences, including managers, executives, and technical experts who provide organizational perspective and strategic insight. Topics covered include:
- Vulnerability Management Using Drupal
- How to Adress the Threat of Ransomware attacks
- Incident Response Training Series
- Cyber Safety Series
This is a list of recommended webinars that provide a closer look at the threats associated with a ransomware attack and its implications.
As stated on the website, “CISA is developing a catalog of Bad Practices that are exceptionally risky, especially in organizations supporting Critical Infrastructure or NCFs. The presence of these Bad Practices in organizations that support Critical Infrastructure or NCFs is exceptionally dangerous and increases risk to our critical infrastructure. We rely on these critical infrastructures for national security, economic stability, and life, health, and safety of the public. Entries in the catalog will be listed here as they are added.”
This section looks at campaigns to mitigate the risks of ransomware and raise awareness. The campaigns are mainly focused on the education sector in the online space and the healthcare sector.
Sector Risk Management Agencies
This section lists the 16 critical infrastructure sectors and their designated Sector Risk Management Agency (SRMA).
The website also provides the ability to report an incident, contact the relevant authorities and provide up-to-date alerts related to ransomware activity.
StopRansomware cannot stop hackers profiting from ransomware attacks, but it can help raise awareness in this area and alert organizations and individuals to possible and available methods of defense.