Ransomware Attacks - NIST Issues Protection Guidance

May 13, 2021

NIST Cybersecurity Pagehttps://www.nist.gov/news-events/news/2021/05/nist-releases-tips-and-tactics-dealing-ransomware

The National Institute of Standards and Technology (NIST) advisory documents - how to avoid ransomware attacks - how to recover: 

Steps organizations can take to avoid attacks:

   (1) Use antivirus software at all times;

   (2) Keep computers fully patched;

   (3) Block access to ransomware sites;

   (4) Allow only authorized apps;

   (5) Restrict personally-owned devices;

   (6) Use standard user accounts;

   (7) Avoid using personal apps on work computers; and

   (8) Beware of unknow sources.

Steps organizations can take to recover:

   (1) Make an incident recovery plan with defined roles and strategies for decision-making;

   (2) Back up and restore data based on a defined strategy; and

   (3) Maintain a list of up-to-date internal and external contacts, including law enforcement.

NIST Fact Sheet:

https://csrc.nist.gov/CSRC/media/Projects/ransomware-protection-and-response/documents/NIST_Tips_for_Preparing_for_Ransomware_Attacks.pdf

NIST Infographic:

https://csrc.nist.gov/CSRC/media/Projects/ransomware-protection-and-response/documents/NIST_Ransomware_Tips_and_Tactics_Infographic.pdf

 

Coming Soon

Cybersecurity Resource Catalog (Draft 05

Seculore (iCERT Member)

Cyber Resources 

CrowdStrike Advice

 

CrowdStrike’s® latest guide (requires registration) breaks down topics you need to know in order to protect your biz, including:

  • The top 5 cybersecurity misconceptions that put you at risk

  • Real-world examples of cyberattacks and how businesses overcame them

  • How the right combination of technology, people, and processes can offer the best protection

Read the full “Cybersecurity for Small Businesses” report here.