Technology, the Treasury Department and the Department of Health and Human Services. It also has a section for state, local, tribal and territorial governments that lists no-cost ser- vices — such as self-assessments and training — that can help them guard against ransomware attacks. The offer- ings range from entry-level “What is ransomware?” fact sheets and basic cyber hygiene recommendations to highly detailed guidance on specific remediation and recovery tactics.
One such resource is the Cyber Security Evaluation Tool. The stand- alone desktop application walks IT administrators through the process of evaluating specific assets and overall systems. It also includes a dedicated Ransomware Readiness Assessment module — billed as “a tiered set of practices to help organizations better
assess how well they are equipped to defend against and recover from a ran- somware incident.”
Federal agencies, meanwhile, can draw on a much broader array of support from CISA, including on-site assessments and penetration testing.
The Biden administration is also working on ways to crack down on ransomware attackers, who generally operate from nations that actively sup- port or turn a blind eye to the criminal activity. In October, the White House convened a virtual summit with rep- resentatives from 30 countries to dis- cuss ways to disrupt and prosecute those executing ransomware attacks, block the financial channels they use, strengthen national resiliency against attacks and increase the diplomatic efforts to counter ransomware.
Specific next steps were not dis-
closed, but the participants promised to “enhance the exchange of informa- tion and provide requested assistance where able to combat ransomware activity leveraging infrastructure and financial institutions within our ter- ritories. We will consider all national tools available in taking action against those responsible for ransomware operations threatening critical infra- structure and public safety.”
How CDM can help
Ransomware frequently infects a sys- tem when users click on a website link or email attachment that downloads and installs malware. But other vectors exist, and encryption and exfiltration activities often exploit existing vulner- abilities. The WannaCry attack, for example, quickly spread to more than 300,000 systems without any assistance
November/December 2021 FCW.COM 51