This month, the Federal Bureau of Investigation published information and guidance for organizations about ransomware attacks, along with some suggested preventative measures. One section of the bulletin discusses whether victims should consider paying ransom to attackers. According to the statement, the FBI “does not advocate paying a ransom, in part because it does not guarantee an organization will regain access to its data,” and paying ransoms emboldens criminals to target others.
Several of the suggested “best practices” are somewhat generalized, such as increased employee awareness about how ransomware is delivered, and basic security techniques (we would recommend adding anti-phishing training and tests to the list). However, several others are more specific. All of the measures listed should be considered as parts of a comprehensive standard information security program.
Among the FBI’s recommended “Cyber Defense Best Practices” are: