CISA launches ransomware awareness campaign

The Cybersecurity and Infrastructure Security Agency (CISA) has launched an awareness campaign to reduce the threat of ransomware to public- and private-sector organizations.

CISA’s Reduce the Risk of Ransomware Campaign encourages all organizations to implement best practices, tools and resources that can help them mitigate this cybersecurity risk and threat, but it is especially focusing on raising awareness among COVID-19 response organizations and K-12 educational institutions

The government networks’ growing attack surface created by remote workers, outdated technology, inadequate defenses, increasingly tight cybersecurity budgets and the rise of cyber insurance, ransomware can be especially profitable for attackers preying on local governments.

Additionally, attackers now have access to ransomware-as-a-service tools. They are not only holding data for ransom; some are posting encrypted versions of victims’ data, threatening that if a ransom is not paid all of the data will be released for public access.

CISA’s new web page, cisa.gov/ransomware, features four categories of ransomware resources:

  1. Official CISA updates for system administrators.
  2. Tips and best practices for home users, organizations and technical staff.
  3. Fact sheets and infographic to help organizations and individuals better understand the threats from and the consequences of a ransomware attack.
  4. Trainings and webinars for both technical and non-technical audiences focusing on organizational perspectives and strategic overviews.

“CISA is committed to working with organizations at all levels to protect their networks from the threat of ransomware,” acting CISA Director Brandon Wales said. “This includes working collaboratively with our public and private sector partners to understand, develop and share timely information about the varied and disruptive ransomware threats.”