As the nation’s cyber defense agency, CISA stands ready to help organizations prepare for, respond to, and mitigate the impact of cyberattacks.
As the nation’s cyber defense agency, CISA stands ready to help organizations prepare for, respond to, and mitigate the impact of cyberattacks. CISA’s Shields Up campaign webpage provides recommendations, products, and resources to increase organizational vigilance and keep stakeholders informed about cybersecurity threats and destructive exploits against critical infrastructure.
Every organization—large and small—should adopt a heightened posture when it comes to cybersecurity and protect their most critical assets against disruptive cyber incidents. CISA also encourages our stakeholders to voluntarily share information about cyber-related events that could help mitigate current or emerging cybersecurity threats to critical infrastructure.”
CISA urges everyone to protect themselves online and adopt a heightened posture when it comes to cybersecurity. CISA offers the following guidance for individuals, organizations, and leadership to enhance online security.
Shields Up: Guidance for Families
Shields Up: Guidance for Organizations
Shields Up: Guidance for Corporate Leaders and CEOs
Have you been affected by ransomware?
This checklist will take you through the response process from detection to containment and eradication.
As the nation’s cyber defense agency, CISA stands ready to help the nation prepare for, respond to, and mitigate the impact of cyber-attacks.
Protect all devices with Antivirus
Enable multi-factor authentication
Choose strong passwords
Avoid Phishing scams
Shop at safe websites
Check website URL
Check your privacy settings
Remember to log off
Ransomware is a form of malware that encrypts files on device, rendering any files and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption. Ransomware incidents have become increasingly prevalent among the Nation’s state, local, tribal, and territorial (SLTT) government entities and critical infrastructure organizations.
Paying ransom will not ensure your data is decrypted or that your systems or data will no longer be compromised. CISA, MS-ISAC, and other federal law enforcement do not recommend paying ransom. In addition, attackers have begun following their ransom demands to decrypt the data with a follow-on extortion demand to keep data private.
- #StopRansomware: LockBit 3.0
- Threat Actors Exploit Progress Telerik Vulnerability in U.S. Government IIS Server
- CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks
- Alert (AA22-011A) Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure
- Russia Cyber Threat Overview and Advisories (Webpage)
CISA Insights: Implement Cybersecurity Measures Now to Protect Against Potential Critical Threats (pdf)
CISA Insights: Preparing for and Mitigating Foreign Influence Operations Targeting Critical Infrastructure (pdf)
Alert (AA22-057A) Destructive Malware Targeting Organizations in Ukraine
Alert (AA22-110A) Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure
Alert (AA22-076A) Strengthening Cybersecurity of SATCOM Network Providers and Customers
Tactics, Techniques, and Procedures of Indicted State-Sponsored Russian Cyber Actors Targeting the Energy Sector
Alert (AA22-074A) Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and ‘PrintNightmare’ Vulnerability
Alert (AA22-131A) Protecting Against Cyber Threats to Managed Service Providers and their Customers
Alert (AA22-117A) 2021 Top Routinely Exploited Vulnerabilities
Alert (AA22-137A) Weak Security Controls and Practices Routinely Exploited for Initial Access
Cyber Preparedness Resources
- CISA Establishes Ransomware Vulnerability Warning Pilot Program
- CISA, FBI, NSA, and International Partners Issue Advisory on Demonstrated Threats and Capabilities of Russian State-Sponsored and Cyber Criminal Actors
- CISA/DOE Insights: Mitigating Attacks Against Uninterruptible Power Supply Devices
- Updated: Conti Ransomware Cybersecurity Advisory
New Federal Government Cybersecurity Incident and Vulnerability Response Playbooks