Ransomware is a type of malware that attempts to deny access to a user's data, usually by encrypting the data with a key known only to the hacker who deployed the malware, until a ransom is paid.

Alternative Text
Alternative Text
What can you do? 

Be Prepared!

  • Create, maintain, and exercise a basic cyber incident response plan.
  • Create and maintain a communications plan that includes response and notification procedures for a ransomware incident.
  • Conduct regular vulnerability scanning.
  • Regularly patch and update software.
  • Ensure devices are properly configured and security features enabled.
  • Maintain best practices for remote desktop services.
  • Consider using an intrusion detection system.
  • Have a cybersecurity awareness plan to keep employees up to date on phishing, malware and other common ransomware avenues.
  • Use multi-factor authentication.
  • Apply principle of least privilege to all systems and services.
  • Keep network logs and analyze activity.
Want to learn more? 

Ransomware: What It Is and What to Do About it

Ransomware (CISA)

CISA Ransomware Guide

CISA Ransomware Training