Ransomware
Ransomware is a type of malware in which hackers access files and encrypt them, demanding payment to restore access. Coverage includes ransomware attacks on cities, states, schools and public utilities, as well as legislative efforts to curb the threat and set policy on how to respond.
CISA Cybersecurity Advisor Domingo Rivera said organizations preparing against ransomware should adopt strong practices for maintaining backups and decide ahead of time everything from who to contact to whether to pay.
Late last month, a class-action action lawsuit was filed against St. Joseph's/Candler Hospital Health System, which suffered a ransomware attack that could have exposed the data of more than a million people.
A newly formed joint committee is looking for innovative — and effective — ways to crack down on ransomware payments, bolster localities’ cybersecurity defenses and meet widening gaps in the workforce.
Some state and local governments are turning to managed security service providers to shore up the substantial gaps in the cybersecurity workforce. The shift away from a more traditional hiring strategy has its benefits.
The proposal instructs agencies to use “phishing-resistant” multifactor authentication, segment networks and increase encryption. The public comment period on the proposal closes later this month.
The university’s network was shut down Tuesday and classes were canceled following a ransomware attack. Officials said they don’t have evidence that personal information was exposed, but the investigation is ongoing.
For more than a decade there have been calls to merge physical and cybersecurity in global organizations. Is this the right time? What are the benefits?
A two-year study concluded that deep-water drilling rigs are not prepared in general to protect themselves against cyber attacks. Rigs need more than firewalls and antivirus software to be secure, the study found.
Criminals will keep using ransomware as long as its profitable, but outright banning all payments could be deeply painful for critical sectors and small businesses. The road ahead is full of policy hurdles.
Senior federal officials met with education, insurance, critical infrastructure and technology organizations to talk expanding the cybersecurity workforce, defending essential systems and designing more secure tech products.
