With ransomware attacks on critical national infrastructure on the rise, the U.S. government has stepped up its cybersecurity response. So far, this has included a cybersecurity executive order from the White House and the creation of a new cybersecurity collaboration center with the National Security Agency (NSA), among other initiatives.
Today, as part of this ongoing response, agencies across the U.S. government announced new resources and initiatives to help protect American businesses and communities from ransomware attacks. The U.S. Department of Justice (DOJ) and the U.S. Department of Homeland Security (DHS), together with federal partners, have launched a new website to combat the threat of ransomware. StopRansomware.gov establishes a one-stop hub for ransomware resources for individuals, businesses and other organizations. The new website is a collaborative effort across the federal government and is the first joint site created to help private and public organizations mitigate their ransomware risk.
“The Department of Justice is committed to protecting Americans from the rise in ransomware attacks that we have seen in recent years,” said Attorney General Merrick B. Garland of the DOJ. “Along with our partners in and outside of government, and through our Ransomware and Digital Extortion Task Force, the department is working to bring all our tools to bear against these threats. But we cannot do it alone. It is critical for business leaders across industries to recognize the threat, prioritize efforts to harden their systems and work with law enforcement by reporting these attacks promptly.”
“As ransomware attacks continue to rise around the world, businesses and other organizations must prioritize their cybersecurity,” said Secretary Alejandro Mayorkas for the DHS. “Cyber criminals have targeted critical infrastructure, small businesses, hospitals, police departments, schools and more. These attacks directly impact Americans’ daily lives and the security of our nation. I urge every organization across our country to use this new resource to learn how to protect themselves from ransomware and reduce their cybersecurity risk.”
StopRansomware.gov is the first central hub consolidating ransomware resources from all federal government agencies. Before today, individuals and organizations had to visit a variety of websites to find guidance, latest alerts, updates and resources, increasing the likelihood of missing important information. StopRansomware.gov reduces the fragmentation of resources, which is especially detrimental for those who have become victims of an attack, by integrating federal ransomware resources into a single platform that includes clear guidance on how to report attacks, and the latest ransomware-related alerts and threats from all participating agencies. The new site includes resources and content from DHS’s Cybersecurity and Infrastructure Security Agency (CISA) and the U.S. Secret Service, the DOJ’s FBI, the Department of Commerce’s National Institute of Standards and Technology (NIST), and the Departments of the Treasury and Health and Human Services.
Ransomware is a long-standing problem and a growing national security threat. Tackling this challenge requires collaboration across every level of government, the private sector and communities. Roughly $350 million in ransom was paid to malicious cyber actors in 2020, a more than 300% increase from the previous year. Further, there have already been multiple notable ransomware attacks in 2021, including recent attacks on software provider Kaseya, oil and gas giant Colonial Pipeline and international meat processor JBS.
Despite making up roughly 75% of all ransomware cases, attacks on small businesses often go unnoticed. Like most cyberattacks, ransomware exploits the weakest link. Many small businesses have yet to adequately protect their networks, and StopRansomware.gov will help these organizations and many more take simple steps to protect their networks and respond to ransomware incidents, while providing enterprise-level information technology (IT) teams the technical resources to reduce their ransomware risk.