The US Cybersecurity and Infrastructure Security Agency (CISA) has released guidance designed to help government, private sector, and critical infrastructure organizations prevent data breaches stemming from ransomware attacks.
“All organizations are at risk of falling victim to a ransomware incident and are responsible for protecting sensitive and personal data stored on their systems,” CISA said.
“Malicious actors increasingly exfiltrate data and then threaten to sell or leak it—including sensitive or personal information—if the ransom is not paid. These data breaches can cause financial loss to the victim organization and erode customer trust.”
CISA's fact sheet includes best practices for preventing ransomware attacks, protecting personal and sensitive information, and responding to ransomware-caused data breaches.
To prevent ransomware attacks, the agency recommends that organizations maintain offline, encrypted backups of data and regularly test those backups; create, maintain, and exercise a basic cyber incident response plan, resiliency plan, and associated communications plan; mitigate internet-facing vulnerabilities and misconfigurations; reduce the risk of phishing emails; and practice good cyber hygiene.