US Agencies Failing to Oversee Ransomware Protections

The White House's goal of bolstering the cyber resilience of critical infrastructure is being threatened by US federal agencies' lack of oversight of ransomware protections, according to a new Government Accountability Office report.
The GAO noted that some agencies only assess the adoption of basic cybersecurity protections and general guidance in critical sectors like energy and healthcare, rather than federal guidelines on addressing ransomware specifically.
The report analyzed ransomware mitigation strategies in four critical infrastructure sectors - critical manufacturing, energy, healthcare and public health, and transportation.
Most federal agencies that lead and manage risk for four critical sectors have assessed or plan to assess risks associated with ransomware, according to the GAO. However, the agencies have not fully gauged the use of leading cybersecurity practices or whether federal support has mitigated risks effectively in the sectors.
The findings come amid surging ransomware attacks in the past year, and prominent energy and water companies hit at the start of 2024.
Bolstering the cyber resilience of critical industries is a key aim of the White House's National Cybersecurity Strategy, which was unveiled in 2023.
NIST developed a cybersecurity framework for managing ransomware risk in February 2022.
The framework aims help organizations identify and prioritize opportunities for improving their security and resilience against ransomware attacks.
None of the Sector Risk Management Agencies the GAO assessed have determined the extent of adoption of the NIST ransomware profile as recommended by the National Infrastructure Protection Plan, the GAO found.
The risk and management agencies did identify seven other sets of practices from federal agencies and the cybersecurity industry that were used to address ransomware.
The report noted that these practices focus on foundational cybersecurity protections to manage a variety of cyber threats beyond ransomware.
The GAO made a total of 11 recommendations for the four SRMAs to improve the federal government's oversight of the adoption of specific ransomware protections in the relevant critical infrastructure sectors.
These focused on the Secretaries of State developing and implementing routine evaluation procedures.
These are to measure the effectiveness of federal support in reducing the risk of ransomware to the sectors, and determine the extent to which they are adopting leading cybersecurity practices in this area.
The Department of Homeland Security and Department of Health and Human Services agreed with their recommendations.
The Department of Energy partially agreed with one recommendation and disagreed with another.
The Department of transportation agreed with one recommendation, partially agreed with one, and disagreed with a third.
Mark B. Cooper, President & Founder, PKI Solutions, said the report revealed a worrying gap in the understanding and implementation of protections for core systems like identity and encryption in critical infrastructure.


This Cyber News was published on www.infosecurity-magazine.com. Publication date: Thu, 01 Feb 2024 17:10:06 +0000


Cyber News related to US Agencies Failing to Oversee Ransomware Protections

US Agencies Failing to Oversee Ransomware Protections - The White House's goal of bolstering the cyber resilience of critical infrastructure is being threatened by US federal agencies' lack of oversight of ransomware protections, according to a new Government Accountability Office report. The GAO noted ...
9 months ago Infosecurity-magazine.com
Accelerating Safe and Secure AI Adoption with ATO for AI: stackArmor Comments on OMB AI Memo - We appreciate the opportunity to comment on the proposed Memo on Agency Use of Artificial Intelligence. Ensuring agencies have access to adequate IT infrastructure,. We base our remarks on our experience helping US Federal agencies transform their ...
11 months ago Securityboulevard.com
How Cloud Solutions Can Lead to Stronger, More Secure IT Operations - Cloud services, which offer tools such as networks, servers, and data storage, can help federal agencies deliver better IT services while minimizing costs. Without adequate security measures, these services can expose agencies to cyberattacks. The ...
8 months ago Cyberdefensemagazine.com
Medusa Ransomware Turning Your Files into Stone - Unit 42 Threat Intelligence analysts have noticed an escalation in Medusa ransomware activities and a shift in tactics toward extortion, characterized by the introduction in early 2023 of their dedicated leak site called the Medusa Blog. The Unit 42 ...
10 months ago Unit42.paloaltonetworks.com
Hive Ransomware: A Detailed Analysis - This past week, on January 26th, to be exact, the FBI successfully shut down the Hive ransomware group and saved victims over a hundred million dollars in ransom payments and remediation costs. As ransomware continues to be a national security threat ...
1 year ago Heimdalsecurity.com
Ransomware Roundup - The Ransomware Roundup report aims to provide readers with brief insights into the evolving ransomware landscape and the Fortinet solutions that protect against those variants. This edition of the Ransomware Roundup covers the 8base ransomware. 8base ...
10 months ago Feeds.fortinet.com
The Top 10 Ransomware Groups of 2023 - This article takes an in-depth look at the rise in ransomware attacks over the past year and the criminal groups driving the surge in cyber extortion. LockBit has established itself as one of the most notorious ransomware operations since emerging on ...
10 months ago Securityboulevard.com
How Government Agencies Can Leverage Grants to Shore Up Cybersecurity - COMMENTARY. Since the pandemic forced unprecedented adoption of remote access and delivery of government services, telehealth, and education, cybersecurity has rapidly shot to the top of priority lists for IT leaders. What was once a shiny object ...
6 months ago Darkreading.com
Declining Ransomware Payments: Shift in Hacker Tactics? - Several cybersecurity advisories and agencies recommend not caving into ransomware gangs' demands and paying their ransoms. It seems the tide is turning, with a decline in ransomware payments; this article explores the trend and what it might mean ...
9 months ago Securityboulevard.com
Ransomware trends and recovery strategies companies should know - Ransomware attacks can have severe consequences, causing financial losses, reputational damage, and operational disruptions. The methods used to deliver ransomware vary, including phishing emails, malicious websites, and exploiting vulnerabilities in ...
11 months ago Helpnetsecurity.com
The Week in Ransomware - An international law enforcement operation claims to have dismantled a ransomware affiliate operation in Ukraine, which was responsible for attacks on organizations in 71 countries. The threat actors are said to be affiliates of numerous ransomware ...
11 months ago Bleepingcomputer.com
Best Ransomware Protection Practices for Midsize Organizations - Ransomware Protection has emerged as a crucial step in cybersecurity since ransomware attacks have become a major threat to businesses of all sizes, including midsize organizations. Ransomware attacks can be delivered via email attachments or links, ...
10 months ago Securityboulevard.com
Majority of Gao's Cybersecurity Recommendations Not Implemented by Federal Agencies - The Government Accountability Office has recently reported that federal agencies have been slow to implement a majority of the recommendations it made for improving the cybersecurity of federal agencies. Despite the implementation progress at some ...
1 year ago Securityweek.com
The Week in Ransomware - Earlier this month, the BlackCat/ALPHV ransomware operation suffered a five-day disruption to their Tor data leak and negotiation sites, rumored to be caused by a law enforcement action. The FBI revealed this week that they hacked the BlackCat/ALPHV ...
10 months ago Bleepingcomputer.com
Ransomware in 2023 recap: 5 key takeaways - This provides the best overall picture of ransomware activity, but the true number of attacks is far higher. While some ransomware trends hardly changed over the last year, such as LockBit's continued dominance, ransomware criminals also challenged ...
9 months ago Malwarebytes.com
Ransomware Roundup - On a bi-weekly basis, FortiGuard Labs gathers data on ransomware variants of interest that have been gaining traction within our datasets and the OSINT community. The Ransomware Roundup report aims to provide readers with brief insights into the ...
8 months ago Feeds.fortinet.com
The Top 5 Ransomware Takedowns - Learn about the recent achievements in the fight against ransomware as law enforcement agencies and cybersecurity organizations successfully disrupt operations, seize infrastructure, and safeguard victims from further attacks. Trigona ransomware, a ...
11 months ago Securityboulevard.com
Key Group uses leaked builders of ransomware and wipers | Securelist - The first discovered sample of Key Group, the Xorist ransomware, established persistence in the system by changing file extension associations. The .huis_bn extension added to encrypted files in the early versions of Key Group samples, Xorist and ...
1 month ago Securelist.com
Ransomware Roundup - On a bi-weekly basis, FortiGuard Labs gathers data on ransomware variants of interest that have been gaining traction within our datasets and the OSINT community. The Ransomware Roundup report aims to provide readers with brief insights into the ...
9 months ago Feeds.fortinet.com
The Week in Ransomware - Governments struck back this week against members of ransomware operations, imposing sanctions on one threat actor and sentencing another to prison. On Tuesday, the Australian, US, and UK governments announced sanctions against Aleksandr Gennadievich ...
9 months ago Bleepingcomputer.com
Ransomware's Impact May Include Heart Attacks, Strokes & PTSD - First-order harms: Direct targets of ransomware attacks. The increasing convergence of IT and OT leave physical infrastructures more vulnerable to ransomware, even though most ransomware operators lack the capability to directly compromise OT or ...
9 months ago Techrepublic.com
Waiting for the BlackCat rebrand - We saw another ransomware operation shut down this week after first getting breached by law enforcement and then targeting critical infrastructure, putting them further in the spotlight of the US government. While the Tor onion domain seizure was a ...
8 months ago Bleepingcomputer.com
The Week in Ransomware - This week was pretty quiet on the ransomware front, with most of the attention on the seizure of the BreachForums data theft forum. That does not mean there was nothing of interest released this week about ransomware. A report by CISA said that the ...
6 months ago Bleepingcomputer.com
Dozens of Rogue California Police Agencies Still Sharing Driver Locations with Anti-Abortion States - SAN FRANCISCO-California Attorney General Rob Bonta should crack down on police agencies that still violate Californians' privacy by sharing automated license plate reader information with out-of-state government agencies, putting abortion seekers ...
9 months ago Eff.org
VX-Underground malware collective framed by Phobos ransomware - A new Phobos ransomware variant frames the popular VX-Underground malware-sharing collective, indicating the group is behind attacks using the encryptor. Phobos launched in 2018 in what is believed to be a ransomware-as-a-service derived from the ...
11 months ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)