The Cybersecurity and Infrastructure Security Agency (CISA), Multi-State Information Sharing & Analysis Center (MS-ISAC), National Governors Association (NGA), and the National Association of State Chief Information Officers (NASCIO) have released a Joint Ransomware Statement with recommendations:
- Backup Systems: Immediately and regularly back up all critical agency and system configuration information on a separate device, store the backups offline, and verify their integrity and restoration process. If recovering from a previous attack, be sure to restore a stronger system than the one lost. Always ensure the system is fully patched and updated to the latest version.
- Reinforce basic cybersecurity awareness and education: For ransomware to succeed, it often requires the human element. Ensuring that employees are trained to recognize cyber threats, phishing, and suspicious links is essential to avoid falling prey to ransomware. Remind employees of the different means they can use to report incidents in a timely manner.
- Revisit and refine cyber incident response plans: A clear path to address cyber-attacks when they occur needs to be set in place. Whether it is internal or external to the agency, the path needs to be clear and discrete. Ensure response plans include how to request assistance from external cybersecurity specialists, such as your national CIRT.
Some other helpful links:
- MS-ISAC Security Primer on Ransomware
- CISA Tip Sheet on Ransomware
- NGA Disruption Response Planning Memo
- NASCIO Cyber Disruption Planning Guide
The Guyana National CIRT recommends that users and administration follow these guidelines and apply them where necessary.
Steps to Safeguard Against Ransomware Attacks (US-CERT)