Ransomware Attacks - NIST Issues Protection Guidance

May 13, 2021

NIST Cybersecurity Pagehttps://www.nist.gov/news-events/news/2021/05/nist-releases-tips-and-tactics-dealing-ransomware

The National Institute of Standards and Technology (NIST) advisory documents - how to avoid ransomware attacks - how to recover: 

Steps organizations can take to avoid attacks:

   (1) Use antivirus software at all times;

   (2) Keep computers fully patched;

   (3) Block access to ransomware sites;

   (4) Allow only authorized apps;

   (5) Restrict personally-owned devices;

   (6) Use standard user accounts;

   (7) Avoid using personal apps on work computers; and

   (8) Beware of unknow sources.

Steps organizations can take to recover:

   (1) Make an incident recovery plan with defined roles and strategies for decision-making;

   (2) Back up and restore data based on a defined strategy; and

   (3) Maintain a list of up-to-date internal and external contacts, including law enforcement.

NIST Fact Sheet:

https://csrc.nist.gov/CSRC/media/Projects/ransomware-protection-and-response/documents/NIST_Tips_for_Preparing_for_Ransomware_Attacks.pdf

NIST Infographic:

https://csrc.nist.gov/CSRC/media/Projects/ransomware-protection-and-response/documents/NIST_Ransomware_Tips_and_Tactics_Infographic.pdf

 

More NIST Articles / Information

UPDATED | NIST Issues Definition of Critical Software Called for by Cybersecurity Executive Order

NIST Releases Tips & Tactics for Control System Cybersecurity

How AI Could Alert Firefighters of Imminent Danger

Small Business Cybersecurity Tips

Click Image Below For PDF - View / Download

Cover Page Cybersecurity Catalog 2021_00

Seculore (iCERT Member)

Cyber Resources 

CISA

Bad Practices

CrowdStrike Advice

 

CrowdStrike’s® latest guide (requires registration) breaks down topics you need to know in order to protect your biz, including:

  • The top 5 cybersecurity misconceptions that put you at risk

  • Real-world examples of cyberattacks and how businesses overcame them

  • How the right combination of technology, people, and processes can offer the best protection

Read the full “Cybersecurity for Small Businesses” report here.

iCERT Paper

 

Liability and Cyber Security Issues for Emergency Communications and ResponseThis report provides an array of insights into matters associated with liability and cyber security, for government agencies and commercial enterprises, as both endeavor to deliver emergency calling and response services.