CISA Releases Guidance for Ransomware Defense & Response

Officials' recommendations include having encrypted backups and creating an incident response plan.

Dark Reading Staff, Dark Reading

August 18, 2021

1 Min Read

After several months of disruptive and headline-making ransomware attacks on large businesses in the United States, the DHS' Cybersecurity and Infrastructure Security Agency (CISA) has released a list of recommendations for preventing and responding to these kinds of incidents.

The fact sheet, titled Protecting Sensitive and Personal Information from Ransomware-Caused Data Breaches, includes several suggestions such as maintaining offline, encrypted backups and implementing a basic incident response and communications plan. The document also urges readers not to pay a ransom if hit with an attack.

"CISA strongly discourages paying a ransom to criminal actors," the sheet reads. "Paying a ransom may embolden adversaries to target additional organizations, encourage other criminal actors to engage in the distribution of ransomware, and/or may fund illicit activities. Paying the ransom also does not guarantee that a victim’s files will be recovered."

The full data sheet can be read here.

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights