top of page

2021 Updated Ransomware Advisory + Resources

  • Writer: clarkespositolaw
    clarkespositolaw
  • Dec 22, 2021
  • 2 min read



The Federal Bureau of Investigation (FBI) released their Internet Crime Report which detailed the 21% increase in reported ransomware cases and 225% increase in associated losses from 2019 to 2020. Since the last report in 2020, the government has introduced StopRansomWare.gov and maintained the already established resources from:

  • Dept. of Treasury Office of Foreign Assets Control (OFAC)

  • Dept. of Treasury Office of Cyber Security and Critical Infrastructure Protection (OCCIP)

  • Dept. of Treasury Financial Crimes Enforcement Network (FinCEN)

  • Federal Bureau of Investigation Cyber Task Force

  • Secret Service Cyber Fraud Task Force

  • Cybersecurity and Infrastructure Security Agency (CISA)

  • Homeland Security Investigations Field Office

StopRansomWare.gov offers a variety of resources including the extremely valuable ransomware guide. The guide, prepared by CISA, is split into two section, Ransomware Prevention Best Practices and Ransomware Response Checklist.


Ransomware Prevention Best Practices

CISA offers excellent in depth recommendations for understanding how ransomware attacks happen and how to structure digital databases to be as secure as possible. CISA offers guidance as to how information should be encrypted and backed up incase any of the victim's structures need to be rebuilt after an attack. There is also discussion about building a response plan with a notification system that informs the necessary employees and federal agencies as soon as any suspicious activity is noticed, collectively called a Cyber Incident Response Plan.


CISA then details the best practices for building defenses and response systems that will directly respond to the possible Ransomware Infection Vector. The infection vectors, or methods in which the ransomware infects a system, mentioned are:

  • Internet-Facing Vulnerabilities and Misconfigurations;

  • Phishing;

  • Precursor Malware Infection; and

  • Third Parties and Managed Service Providers.

The last portion of this section details very clear steps for building roadblocks for any potential ransomware attacks. These methods include network segmentation, building a network diagram to help incident response teams react more quickly and strengthening cloud security systems.


Ransomware Response Checklist

There are 19 steps that each victim of a ransomware attack must immediately and methodically move through once the attack is detected. Broadly, the sequence has three phases: Detection and Analysis; Containment and Eradication; and Recovery and Post-Incident Activity.


CISA also offers two sets of contacts that will offer guidance once an attack has been detected or is suspected.


Federal Asset Response Contacts

The Cybersecurity Advisor of CISA offers specific guidance to help evaluate and remediate ransomware incidents. This includes remote assistance with identifying the exact extent of the breach as well as analysis of the infection vectors.

Federal Threat Response Contacts

The Federal Bureau of Investigation (FBI) and the U.S. Secret Service assist in conducting a criminal investigation and collect relevant incident artifacts including models of the system structure and samples of any malware used.

Have questions related to anything you've read above? Feel free to connect with us using the contact form at the bottom of the Home page or send us an email at contact@clarkespositolaw.com.


Be sure and check out our videos as well on our website and on our YouTube page.




 
 
 

Comments


How can we be of help?

New York Office:

211 E. 43rd Street, 7th Floor

New York, NY 10017

Connecticut Office:

9 Mott Ave., Suite 210

Norwalk,  CT 06850

917.546.6997

Stay Connected. Subscribe.

Thanks for subscribing!

  • YouTube
  • Instagram
  • LinkedIn
  • Facebook

Per The NY State Attorney Ethics Rules, See The Following Statement:

 

Attorney Advertising Disclaimer: The content of this website has been prepared by the Clark-Esposito Law Firm, P.C. for informational purposes only and should not be construed as legal advice. The material posted on this website is not intended to create, and receipt of it does not constitute, a lawyer-client relationship, and readers should not act upon it without seeking professional legal counsel. The Clark-Esposito Law Firm, P.C., did not produce and is not responsible for the content of off-site legal resources. The materials on this site may constitute advertising under various state ethics rules.

NYC, NYS, & PANYNJ M/WBE Certified Minority/Women Owned and Led Business

© 2025 by Clark-Esposito Law Firm, P.C.

bottom of page