(Last Updated On: July 26, 2021)

Understanding Ransomware – A U.S. Government Report

U.S.Department of Homeland Security, Cybersecurity and Infrastructure Security Agency

Published December 2020

Presented by SCARS

Understanding Ransomware – A CISC Guide

We want to share this document with the public to help create a greater understanding of these crimes. Our mission is to help educate & prevent cybercrime for individuals and their employers.

Overview of Ransomware

Ransomware is a form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption. In recent years, ransomware incidents have become increasingly prevalent among the Nation’s state, local, tribal, and territorial (SLTT) government entities and critical infrastructure organizations.

Ransomware incidents can severely impact business processes and leave organizations without the data they need to operate and deliver mission-critical services. We have seen this recently with the Colonial Pipeline shutdown in the eastern United States under the Biden Administration.

Malicious actors have adjusted their ransomware tactics over time to include pressuring victims for payment by threatening to release stolen data if they refuse to pay and publicly naming and shaming victims as secondary forms of extortion. The monetary value of ransom demands has also increased, with some demands exceeding US $10 million.

Ransomware incidents have become more destructive and impactful in nature and scope. Malicious actors engage in lateral movement to target critical data and propagate ransomware across entire networks. These actors also increasingly use tactics, such as deleting system backups, that make restoration and recovery more difficult or infeasible for impacted organizations. The economic and reputational impacts of ransomware incidents, throughout the initial disruption and, at times, extended recovery, have also proven challenging for organizations large and small.

NOTE: SCARS is a formal crime victims’ assistance partner of DHS CISA.

CISA_MS-ISAC_Ransomware Guide_S508C

Resources:

CISA recommends that organizations review the following:

Always Report All Scams – Anywhere In The World To:

Go to reporting.AgainstScams.org to learn how

U.S. FTC at https://reportfraud.ftc.gov/#/?orgcode=SCARS and SCARS at www.Anyscams.com
Visit reporting.AgainstScams.org to learn more!