CISA, FBI, NSA Issue Advisory on Severe Increase in Ransomware Attacks
Cybersecurity authorities have published a joint advisory warning of an increase in sophisticated, high-impact ransomware attacks targeting critical infrastructure organizations across the world in 2021.
The incidents singled out a broad range of sectors, including defense, emergency services, agriculture, government facilities, IT, healthcare, financial services, education, energy, charities, legal institutions, and public services.
“Ransomware tactics and techniques continued to evolve in 2021, which demonstrates ransomware threat actors’ growing technological sophistication and an increased ransomware threat to organizations globally,” the agencies said in the joint bulletin.
To mitigate and reduce the likelihood and impact of ransomware attacks, organizations are being urged to —
– Keep all operating systems and software up to date
– Limit access to resources over internal networks, especially by restricting RDP and using virtual desktop infrastructure
– Raise awareness among users about the risks of phishing
– Mandate strong, unique passwords and multi-factor authentication to protect accounts from takeover attacks
– Encrypt data in the cloud
– Implement network segmentation
– Disable unnecessary command-line utilities, and restrict scripting activities and permissions
– Enforce time-based access for privileged accounts
– Maintain offline (i.e., physically disconnected) backups of data
Read the full article – https://thehackernews.com/2022/02/cisa-fbi-nsa-issue-advisory-on-severe.html