Ransomware is a long-standing problem and a growing national security threat with roughly $350 million paid in ransom in 2020, a significant increase from 2019.
On July 15th as part of an ongoing response, The U.S. Department of Homeland Security (DHS) and the U.S. Department of Justice (DOJ), together with federal partners announced that they have dedicated new resources and an initiative to combat the threat of ransomware. To protect American businesses and communities they have launched StopRansomware.gov - the first joint website to act as a one-stop hub where private and public organizations can find helpful resources on how to mitigate the risk of ransomware. The website provides easy-to-use, straightforward information to help organizations and individuals better understand the threats from, and the consequences of, a ransomware attack. Additionally, there are ransomware alerts, reports, and resources from CISA, the FBI, and other federal partners that can be used by any individual or business.
The U.S Government encourages organizations to use the website to understand the threat of ransomware, mitigate risk, and in the event of an attack, know what steps to take next.
Cybersecurity directly impacts Americans’ daily lives and the security of the country as online criminals have targeted critical infrastructure, small businesses, large corporations, essential services, educational institutions, healthcare providers, and many more. The new resources can help every organization in the country to learn how to better protect themselves from ransomware attacks. The best way American businesses can mitigate the increased risk of ransomware is by a coordinated approach on a national scale. The DOJ’s efforts will provide both businesses and governments to share best practices, methods, and strategies of avoiding the negative impact and high ransoms paid derived by ransomware attacks.
“I think the new StopRansomware site is a step in the right direction.” Jason Shapiro, an IT consultant with iuvo Technologies and cybersecurity expert. He further described the nature of the problem: “I think that for real change to occur, we need … a carrot and a stick approach. Have a cybersecurity-PSA type program to raise awareness of better security practices to go with this new website, but also pass laws to impose real costs on businesses for getting hacked and losing control of customer data.”
Another IT consultant at iuvo, Christine Fecteau, agreed: “I think this [StopRansomware.gov] is a great resource; rather than individuals or businesses having to search for information on every entity’s website, the links and information are all accessible here…The Ransomware Guide (Sept 2020) provides best practices for ransomware prevention. Many of these we have discussed before, including offline backups, antivirus and anti-malware, updated software and hardware, and having a plan. If you haven’t developed an incident response as part of your planning, it’s time to do so; the guide provides a checklist that will prove very helpful in developing a response plan.”
Though the website is a great resource, it's not without flaws. Faith Miller thought of the site: “Who is the site being marketed towards? It says anyone who uses computers, but a lot of the lingo is tech-heavy?”
This sentiment was shared by Jason Shapiro, who recently wrote a blog about ransomware. “Overall security won’t improve until businesses see cyberattacks as an existential threat.”
What are your thoughts on the website? Contact iuvo today to hear more about ransomware, the threat it poses, and ways you can protect yourself and your business!