Ransomware is a type of malware that attempts to deny access to a user's data, usually by encrypting the data with a key known only to the hacker who deployed the malware, until a ransom is paid.

What can you do? 

Be Prepared!

  • Create, maintain, and exercise a basic cyber incident response plan
  • Create and maintain and communications plan that includes response and notification procedures for a ransomware incident
  • Conduct regular vulnerability scanning
  • Regularly patch and update software 
  • Ensure devices are properly configured and security features enabled
  • Maintain best practices for remote desktop services
  • Consider using an intrusion detection system
  • Have a cyber security awareness plan to keep employees up to date on phishing, malware and other common ransomware avenues
  • Utilize multi-factor authorization
  • Apply principle of least privilege to all systems and services
  • Keep network logs and analyze activity
Want to learn more? 

Ransomware: What It Is and What to Do About it

Ransomware (CISA)

MS-ISAC Security Primer: Ransomware

MS-ISAC Ransomware: Facts, Threats, and Countermeasures

CISA Ransomware Guide

CISA Ransomware Training