The U.S. government's first interagency initiative to address the growing threat of ransomware launched Wednesday.
StopRansomware.gov, a website managed by the Department of Homeland Security's (DHS) Cybersecurity and Infrastructure Security Agency (CISA) along with the Department of Justice (DOJ) and the White House, offers cybersecurity resources, tools and other information. The site offers tips and guidance for ransomware attack preparation, prevention and response, with focuses on best practices such as restricting users' permissions, which may prevent malware from running or limit its capability to spread through a network. More importantly, incidents can be reported directly through the website.
In a video posted to Twitter along with the announcement, DHS Secretary Alejandro Mayorkas said the StopRansomware website was launched help businesses and other organizations reduce the risk of ransomware attacks. Newly-appointed CISA Director Jennifer Easterly also posted about the initiative on Twitter, stating the new website was created because "ransomware is wreaking havoc on businesses across America."
Mayorkas said the new federal resource will help individuals, businesses and other organizations reduce the risk of ransomware attacks and protect their cybersecurity.
"We have all witnessed the rising threat of ransomware attacks," Mayorkas said in the video. "These attacks are becoming more dangerous, and they are costly."
According to the DOJ, roughly $350 million in ransoms was paid to threat actors in 2020, a more than 300% increase from the previous year.
While companies are advised not to pay ransoms to retrieve data, major payouts have been made in just the last six months alone, highlighting the growing intensity of the ransomware problem. Several organizations, including the Colonial Pipeline Co. and JBS USA, confirmed ransom payments just days apart. A record-setting demand was also made against Taiwan PC manufacturer Acer for $50 million.
This is not the first time Mayorkas has addressed the urgency of preventing ransomware attacks. During an RSA Conference session earlier this year, he said fighting ransomware attacks was DHS' number one priority. He also stated that ransomware posed a national security threat. And it appears he was right.
Since his RSA Conference speech in April, there have been significant attacks against critical infrastructure, cyber insurance companies and healthcare organizations that forced systems offline and caused devastating disruptions. Just when it seemed ransomware attacks were reaching a peak, software vendor Kaseya earlier this month suffered a massive supply chain attack.
The education sector has also been ravaged by ransomware lately; for example, the Buffalo Public School System was forced to close school for one week and may have had highly sensitive student data leaked. A portion of the StopRansomware website is specifically marked for K-12 resources. According to the website, it was included "in response to the rise in malicious activity with ransomware attacks against K-12 educational institutions since the onset of COVID-19 and the increase in remote learning."
Other services include free CISA scanning and testing services to help organizations identity threats and a ransomware readiness assessment tool.
Another important part of the website is that it aggregates a number of resources and information in a single destination. The DOJ said "fragmentation" of such resources is especially detrimental for businesses and individuals who have become victims of an attack.
Additionally, Mayorkas said the website provides a way for organizations to work with the federal government in partnership to address the ransomware situation and help reduce the growing number of attacks.