Cyber intrusions are inevitable, and evolving ransomware variants and double-extortion techniques make it even more difficult for organizations to secure their critical digital infrastructure. However, practicing strong security practices will help organizations against ransomware and exfiltration attempts.
With an aim to assist public and private organizations in addressing security breaches stemming from ransomware attacks, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently released a security fact sheet to safeguard critical corporate data from various exfiltration attempts.
The fact sheet helps individuals and organizations understand the severity of the ransomware threat landscape and how to defend against it. CISA highly recommended businesses to adopt the guidelines, which include:
- Maintaining offline, encrypted backups of data and regularly testing backups
- Creating, maintaining, and exercising a basic cyber incident response plan, resiliency plan, and associated communications plan
- Mitigating internet-facing vulnerabilities and misconfigurations to reduce the risk of hackers exploiting this attack surface
- Employing best practices for the use of Remote Desktop Protocol (RDP) and other remote desktop services
- Conducting regular vulnerability scanning to identify and address vulnerabilities, especially those on internet-facing devices
- Updating software, including operating systems, applications, and firmware, regularly
- Disabling or blocking inbound and outbound Server Message Block (SMB) Protocol and remove or disable outdated versions of SMB
- Reducing the risk of phishing emails from reaching end users by enabling strong spam filters and implementing a cybersecurity user awareness and training program
The security recommendations from the federal agency come after multiple ransomware and extortion attacks were reported on critical business sectors like the meat-processing giant JBS and the U.S. Colonial Pipeline. Ransomware cartels continue to target various critical infrastructures across the globe with new ransomware variants.
“All organizations are at risk of falling victim to a ransomware incident and are responsible for protecting sensitive and personal data stored on their systems. This fact sheet provides information for all government and private sector organizations, including critical infrastructure organizations, on preventing and responding to ransomware-caused data breaches,” CISA said.