The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), National Security Agency (NSA) and Multi-State Information Sharing and Analysis Center (MS-ISAC) published the #StopRansomware Guide — an updated version of the 2020 guide containing additional recommended actions, resources and tools. The guide was produced through the Joint Ransomware Task Force (JRTF), an interagency body established by Congress in 2022 to ensure unity of effort in combating the threat of ransomware attacks.
The #StopRansomware Guide is intended to help organizations reduce the risk of ransomware incidents through best practices to detect, prevent, respond and recover, including step-by-step approaches to address potential attacks. The update incorporates lessons learned from the past two years, including recommendations for preventing common initial access techniques, such as compromised credentials/passwords and advanced forms of social engineering; recommendations to address cloud security backups; and threat hunting tips for detection and analysis.