As the nation's risk advisor, the Cybersecurity and Infrastructure Security Agency (CISA) is asking for your support with our cybersecurity campaign, Reduce the Risk of Ransomware, a focused, coordinated and sustained effort over the next several months.  Our goal is to help reduce the instances of public and private sector organizations and businesses falling victim to a ransomware attack.  We know this is a shared goal with all our stakeholders and partners.

Ransomware incidents have become more destructive and impactful in nature and scope.  Malicious actors engage in lateral movement to target critical data and propagate ransomware across entire networks.  These actors also increasingly use tactics, such as deleting system backups, that make restoration and recovery more difficult or infeasible for impacted organizations.  According to "The Cost of Malicious Cyber Activity to US Economy", (February 2018), White House Council of Economic Advisers (CEA), estimates that the cost to the US economy was between $57 billion and $109 billion in 2016 alone.  The economic and reputational impacts of ransomware incidents, throughout the initial disruption and, at times, extended recovery, have also proven challenging for organizations large and small.

CISA offers several resources and services for ransomware prevention that can help large and small organizations manage this and other cyber risks.  Our library includes information about the critical steps that should be taken to respond to and recover from a ransomware attack.  This includes recommended cyber hygiene services that are available at no cost to help organizations with vulnerability scanning, web application scanning, penetration testing, and phishing assessments to help assess, identify, and reduce exposure to cyber threats.  Most of our resources are based on operational insight from CISA and key collaborative partners.

CISA is driven to enhance our state, local, tribal, and territorial (SLTT), industry, and federal partners' ability to manage cybersecurity risks.  A core and enabling factor to this drive is working collaboratively with these and our international partners to assess, develop, and share timely information about various common and emerging cyber threats.

Managing the risk associated with ransomware and other cyber threats is especially important in the era of COVID-19 with the quick and overwhelming transition of many organizations to remote work.  Getting cybersecurity protection and response information about ransomware spread as broadly and widely as possible cannot be done by CISA alone.  We need your help.

Over the next several months, CISA will be frequently and consistently pushing information about ransomware resources via social media and select public engagements.  We are asking you to amplify and share these messages with your members and partners.  Also, we encourage you to share your ideas with us on other methods to get this important information to the right organizations and people that need it most.

Additionally, you may also find this Cyber Risk to Public Safety: Ransomware resource helpful.

SLTT organizations can contact us at:  CyberLiaison_SLTT@cisa.dhs.gov.

Private sector organizations can contact us at:  CyberLiaison_Industry@cisa.dhs.gov.

You can visit our updated CISA Ransomware page at www.cisa.gov/ransomware.