Ransomware Guide (DHS and MS-ISAC)

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing and Analysis Center (MS-ISAC) have jointly published the Ransomware Guide, which details practices organizations should engage in to help manage the risk posed by ransomware. The guide consist of two parts, with the first providing best practices to prevent attacks and the second consisting of a response checklist. One of the guide’s initial recommendations is for critical infrastructure partners to join their respective Information Sharing and Analysis Center, or ISAC, of which WaterISAC is one. For this and other recommendations, the guide provides links and further explanations to help underscore their importance and facilitate their implementation. To emphasize the need to manage the ransomware threat even more, the guide observed that these incidents have become increasingly prevalent among state, local, tribal, and territorial government entities and critical infrastructure organizations. It notes that ransomware threat actors have adjusted their tactics over time, such as by threatening to release stolen data if victims refuse to pay, and that the monetary value of ransoms has increased, with some demands exceeding $1 million. It is a threat to take seriously, and the guide is being offered to assist.