Steps to Safeguard Against Ransomware Attacks

Release date: July 30, 2019

The Cybersecurity and Infrastructure Security Agency (CISA), Multi-State
Information Sharing & Analysis Center (MS-ISAC), National Governors
Association (NGA), and the National Association of State Chief Information
Officers (NASCIO) have released a Ransomware Statement with recommendations
for state and local governments to build resilience against

  1. Back up systems—now (and daily).
    Immediately and regularly back up all critical agency
    and system configuration information on a separate device and store the
    backups offline, verifying their integrity and restoration process. If recovering
    after an attack, restore a stronger system than the one lost, fully
    patched and updated to the latest version.
  2. Reinforce basic cybersecurity awareness and education.
    Ransomware attacks
    often require the human element to succeed. Refresh employee training on
    recognizing cyber threats, phishing, and suspicious links—the most common
    vectors for ransomware attacks. Remind employees of how to report
    incidents to appropriate IT staff in a timely manner, which should include
    out-of-band communication paths.
  3. Revisit and refine cyber incident response plans.
    Have a clear plan to
    address attacks when they occur, including when internal capabilities are
    overwhelmed. Make sure response plans include how to request assistance
    from external cyber first responders, such as state agencies, CISA, and
    MS-ISAC, in the event of an attack.

CISA encourages organizations to review the Joint Ransomware Statement
and the following ransomware guidance: