A new public awareness program rolled out by the Department of Homeland Security’s cyber wing aims to help organizations fight the ransomware scourge hitting governments, schools and private industry.
The Cybersecurity and Infrastructure Security Agency’s (CISA) public awareness campaign features:
- Information on available resources to defend against ransomware attacks.
- Trainings.
- Webinars.
- CISA alerts.
Ahead of announcing the program at the U.S. Conference of Mayors virtual discussion, Acting CISA Director Brandon Wales told The Hill that the initiative “includes working collaboratively with our public and private sector partners to understand, develop and share timely information about the varied and disruptive ransomware threats. Anyone can be the victim of ransomware, and so everyone should take steps to protect their systems.”
Wales reportedly urged attending mayors to promote the public awareness campaign and reminded them not to acquiesce to cyber kidnappers' ransom demands. The effort will primarily focus on K-12 educational institutions and the COVID-19 supply chain, including researchers and vaccine developers, which ransomware operatives consider prime targets. For example, in a November, 2020 cyber extortion the Baltimore County Public Schools, the nation’s 25th largest school district, was forced to close schools for two days and initiate a multi-day malware recovery effort. Other cyber extortions have hit New Jersey’s Livingston Public Schools, the San Bernardino City Unified School district, and other districts in Flagstaff, Arizona and Rockville Center, New York.
As for COVID-19-related ransomware assaults, Microsoft recently disclosed that it had blunted a number of attacks launched by North Korean and Russian state-backed hackers going after pharmaceutical companies and researchers working on COVID-19 vaccines.
CISA has plenty of companions in what’s fast becoming a stepped up effort by industry, government, law enforcement and international organizations to take on cybercrime. Last week, the Institute for Security and Technology lifted off a ransomware task force backed by 17 founding members to build a road map of objectives, solutions and milestones to help cybersecurity decision-makers stake out their defensive and offensive positions.
The association counts IT players Citrix, Cybereason, Datto, McAfee, Microsoft and Rapid7 along with the Cyber Threat Alliance, Global Cyber Alliance and SecurityScorecard among its initial task force seats.