CISA ランサムウェアのリスクを低減するためのキャンペーンを開始し、ランサムウェア対策のサイトを立ち上げていますね。。。
こんにちは、丸山満彦です。
CISAがランサムウェアのリスクを低減するためのキャンペーンを開始し、ランサムウェア対策のサイトも立ち上げていますね。。。
● Cybersecurity and Infrastructure Security Agency: CISA
・2021.01.21 (news) CISA LAUNCHES CAMPAIGN TO REDUCE THE RISK OF RANSOMWARE
ランサムウェア対策のサイトはこちらです。。。
・RANSOMWARE GUIDANCE AND RESOURCES
| What is ransomware? | ランサムウェアとは何ですか? |
| Who is at risk from a ransomware attack? | 誰がランサムウェア攻撃のリスクに晒されていますか? |
| What are the impacts of ransomware? | ランサムウェアはどのような影響がありますか? |
| How do malicious cyber actors use ransomware to attack their victims? | 悪意のあるサイバー攻撃者はどのようにしてランサムウェアを利用して攻撃しているのでしょうか? |
| Who are malicious ransomware actors? | 悪意のあるランサムウェアは誰が実行しているのですか? |
| What are some mitigations against ransomware? | ランサムウェアに対する対応策にはどのようなものがありますか? |
| What are other best practices against ransomware? | ランサムウェアに対するその他のベストプラクティスにはどのようなものがありますか? |
今までの情報が一元的に見れるようになっていて便利ですね。。。
・2020.09.30 Ransomware Guide
the Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing and Analysis Center released a joint Ransomware Guide, which is a customer centered, one-stop resource with best practices and ways to prevent, protect and/or respond to a ransomware attack. CISA and MS-ISAC are distributing this guide to inform and enhance network defense and reduce exposure to a ransomware attack:
This Ransomware Guide includes two resources:
・Part 1: Ransomware Prevention Best Practices
・Part 2: Ransomware Response Checklist
[PDF]
・2020.11.02 Alert (AA20-302A) Ransomware Activity Targeting the Healthcare and Public Health Sector
Summary
This advisory was updated to include information on Conti, TrickBot, and BazarLoader, including new IOCs and Yara Rules for detection.
This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 7 framework. See theATT&CK for Enterprise version 7for all referenced threat actor tactics and techniques.
This joint cybersecurity advisory was coauthored by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS). This advisory describes the tactics, techniques, and procedures (TTPs) used by cybercriminals against targets in the Healthcare and Public Health (HPH) Sector to infect systems with ransomware, notably Ryuk and Conti, for financial gain.
CISA, FBI, and HHS have credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers. CISA, FBI, and HHS are sharing this information to provide warning to healthcare providers to ensure that they take timely and reasonable precautions to protect their networks from these threats.
・CYBER THREATS TO K-12 REMOTE LEARNING EDUCATION
The Cybersecurity and Infrastructure Security Agency (CISA) has seen an increase in malicious activity with ransomware attacks against K-12 educational institutions. Malicious cyber actors are targeting school computer systems, slowing access, and rendering the systems inaccessible to basic functions, including remote learning. In some instances, ransomware actors stole and threatened to leak confidential student data unless institutions paid a ransom.
Since March, uninvited users have disrupted live-conferenced classroom settings by verbally harassing students, displaying pornography and violent images, and doxing meeting attendees.
・[PDF] Cyber Threats to K-12 Remote Learning Education
■ 報道
● SC Media US
・2021.01.21 CISA launches ransomware education program by Derek B. Johnson
・2021.01.22 CISA Launches Ransomware Awareness Campaign by
CISA is beginning a coordinated effort to encourage public and private sector organizations to mitigate the threat of ransomware.
・2021.01.22 Brandon Wales: CISA’s New Campaign Aims to Help Public, Private Sectors Defend Against Ransomware by
■ 参考
● まるちゃんの情報セキュリティ気まぐれ日記
・2020.10.30 米国CISA 経済的利益を目的としてヘルスケア業界をターゲットにしたサイバー犯罪者が、ランサムウェアをシステムに感染させるために使用する、戦術・技術・手順(TTP)の説明
Comments