US Government Rolls Out Multiple Measures to Combat Ransomware

In a report by Politico, the Biden Administration announced its plans to help agencies go on defense and offense against hackers whose economically paralyzing attacks pose a growing threat to the U.S. This is in conjunction with the State Department’s $10 million offering for any information about hackers working for foreign governments.

Other options on the table include launching disruptive cyberattacks on hacker gangs, as well as developing partnerships with businesses to speed up the sharing of information about ransomware infections.

But what is ransomware? Ransomware is a form of malicious software (or malware) that encrypts the data found on the victim’s computer or computer system and can only be accessed after paying a ransom to the attackers. More often than not, ransomware is a highly targeted attack that attempts to lock you out of your files until a sum of money is paid.

The counter measures announced by the U.S. Government is aimed directly at those participating in “malicious cyber activities against US critical infrastructure in violation of the Computer Fraud and Abuse Act.” The U.S. Department of Justice (DOJ) and the U.S. Department of Homeland Security (DHS), together with federal partners, have launched a new website to combat the threat of ransomware. 

StopRansomware.gov establishes a one-stop hub for ransomware resources for individuals, businesses and other organizations. The new StopRansomware.gov is a collaborative effort across the federal government and is the first joint website created to help private and public organizations mitigate their ransomware risk.

“As ransomware attacks continue to rise around the world, businesses and other organizations must prioritize their cybersecurity,” said Secretary Alejandro Mayorkas for the Department of Homeland Security. “Cyber criminals have targeted critical infrastructure, small businesses, hospitals, police departments, schools and more.  These attacks directly impact Americans’ daily lives and the security of our nation. I urge every organization across our country to use this new resource to learn how to protect themselves from ransomware and reduce their cybersecurity risk.”

Like other forms of technology, cyberattacks are only getting more and more sophisticated. As technology advances, cyberattacks evolve along with it. There are several different ways that ransomware can infect your infrastructure. One of the most common methods is through emails that contain malicious attachments or links that redirect users to an infected website that automatically downloads malware without any notification prompts.

To better protect yourself and your business from these kinds of attacks, here are some things to keep in mind:

• Ensure that your employees know how to spot sketchy emails and know which links not to click. Investing in cybersecurity awareness seminars help mitigate the risk of human error which hackers greatly rely on.
• Making a copy of your data is only part of the battle against data loss - you need to make sure your data is encrypted and password protected as well. Make sure to use end-to-end encryption so your data is secure both while in storage and during transmission.
• An outdated system or software leaves you vulnerable to ransomware attacks. Updates are important because they often include critical patches to the security holes found in past versions.
• An antivirus software is designed to detect and safely remove malicious software from your computer. These programs scan files, programs, and other data stored on your computer to search for a wide variety of threats that might harm your device.
• A disaster recovery plan should be developed by your IT department or an outsourced IT consulting firm that allows a company to access and restore its data in the event of an unforeseen event. The main function of a disaster recovery plan is to quickly restore your systems, minimize downtime, and reduce the risk of data loss.
• If you don’t want the headache of reading pages upon pages of literature about various cybersecurity measures, you always have the option to hire a managed IT services provider (MSP) to take care of your IT security needs.
  
  

Sources: 

Greig, J. (2021, July 15). US State Department offering $10 million reward for state-backed hackers. ZDNet. https://www.zdnet.com/article/us-state-department-offering-10-million-reward-for-state-backed-hackers/.

U.S. Government Launches First One-Stop Ransomware Resource at StopRansomware.gov. The United States Department of Justice. (2021, July 15). https://www.justice.gov/opa/pr/us-government-launches-first-one-stop-ransomware-resource-stopransomwaregov.