General Information

These resources are designed to help individuals and organizations prevent ransomware attacks that can severely impact business processes and leave organizations without the data they need to operate and deliver mission-critical services. 

  • Ransomware Guide
    • A joint product from CISA and the Multi-State Information Sharing and Analysis Center (MS-ISAC), which is a customer centered, one-stop resource with best practices and ways to prevent, protect and/or respond to a ransomware attack. The guide, published in September 2020, aims to inform and enhance network defense and reduce exposure to a ransomware attack, and it includes two resources: 1) Ransomware Prevention Best Practices; and 2) a Ransomware Response Checklist.
  • CISA Insights: Ransomware Outbreak
    • This product lays out three sets of straightforward steps any organization can take to manage their risk. These recommendations are written broadly for all levels within an organization.
  • Ransomware: What It Is & What To Do About It
    • A National Cyber Investigative Joint Task Force (NCIJTF) joint-seal ransomware fact sheet provides the public important information on the current ransomware threat and the government’s response, as well as common infection vectors, tools for attack prevention, and important contacts in the event of a ransomware attack.
  • Ransomware Protection and Response (NIST)
    • The Computer Security Resource Center (CSRC) within the National Institute of Standards and Technology (NIST) offers a webpage on the ransomware threat with guidance, white papers, and how-to-guides designed to help organizations detect and respond.
  • A Guide to Ransomware (U.S. Secret Service) 
    • This guide defines ransomware and describes what actions organizations should take to prepare, prevent, and respond to ransomware attacks.
  • Preparing for a Cyber Incident (FBI)
    • This FBI guide is geared toward a general audience and provides information on how to prepare for an FBI investigation of a cyber intrusion. It lists benefits and realities of working with the FBI. The guide provides details about what the FBI will and will not do while also helping to differentiate the FBI from other agencies working cyber intrusions. 
  • FBI Cyber Investigative Response
    • This is a high-level overview of things for cyber security professionals to consider and expect during an FBI investigation of a cyber intrusion, including descriptions of what the FBI can and cannot do.