Ransomware Guides and Services

  • Ransomware Guide
    • A joint product from CISA and the Multi-State Information Sharing and Analysis Center (MS-ISAC), which is a customer centered, one-stop resource with best practices and ways to prevent, protect and/or respond to a ransomware attack. The guide, published in September 2020, aims to inform and enhance network defense and reduce exposure to a ransomware attack, and it includes two resources: 1) Ransomware Prevention Best Practices; and 2) a Ransomware Response Checklist.
  • Cyber Hygiene Services
    • At no financial cost, CISA offers several scanning and testing services to help organizations assess, identify and reduce their exposure to threats, including ransomware. By requesting these services, organizations of any size could find ways to reduce their risk and mitigate attack vectors.  
  • Elections Cyber Tabletop in a Box
    • A self-guided resource, CISA developed the Elections Cyber Tabletop Exercise Package (commonly referred to as “tabletop in a box”) for state, local, and private sector partners. The package includes template exercise objectives, scenario, and discussion questions, as well as a collection of cybersecurity references and resources.  
  • Malicious Domain Blocking and Reporting (MDBR)
    • The Malicious Domain Blocking and Reporting (MDBR) service is available for U.S. State, Local, Tribal, and Territorial (SLTT) government members of the Multi-State Information Sharing and Analysis Center® (MS-ISAC®) and Elections Infrastructure Information Sharing and Analysis Center® (EI-ISAC®), in partnership with CISA and Akamai.
  • Nationwide Cybersecurity Review (NCSR)
    • The Nationwide Cybersecurity Review is a no-cost, anonymous, annual self-assessment designed to measure gaps and capabilities of state, local, tribal and territorial governments’ cybersecurity programs. It is based on the National Institute of Standards and Technology Cybersecurity Framework (NIST CSF) and is sponsored by DHS and the Multi-State Information Sharing and Analysis Center® (MS-ISAC®).


Victims of ransomware should report it immediately to CISA at www.us-cert.gov/report, a local FBI Field Office, or Secret Service Field Office.


Please share your thoughts.
We recently updated our ransomware product survey and we would welcome your anonymous feedback. 

Was this webpage helpful?  Yes  |  Somewhat  |  No