Skip to main content
U.S. flag

An official website of the United States government

Here’s how you know

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

HTTPS

Secure .gov websites use HTTPS
A lock (LockA locked padlock) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Stop Ransomware
 
 
  • Resources
  • Newsroom
  • Alerts
  • Report Ransomware
  • Cisa.gov
Breadcrumb
  1. Home
  2. Stop Ransomware

Ransomware 101

  • General Information
  • How Can I Protect Against Ransomware?
  • I've Been Hit By Ransomware!
  • Ransomware FAQs

Ransomware is an ever-evolving form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption. Ransomware actors often target and threaten to sell or leak exfiltrated data or authentication information if the ransom is not paid. In recent years, ransomware incidents have become increasingly prevalent among the Nation’s state, local, tribal, and territorial (SLTT) government entities and critical infrastructure organizations.

Malicious actors continue to adjust and evolve their ransomware tactics over time, and the U.S. Government, state and local governments, as well as the private sector remain vigilant in maintaining awareness of ransomware attacks and associated tactics, techniques, and procedures across the country and around the world. 

Looking to learn more about this growing cyber threat? The Ransomware Guide from the Cybersecurity and Infrastructure Security (CISA) and the MS-ISAC (Multi-State Information Sharing & Analysis Center) is a great place to start. Released in September 2020, this joint Ransomware Guide includes industry best practices and a response checklist that can serve as a ransomware-specific addendum to organization cyber incident response plans. 

The U.S. Secret Service provides a guide that describes what actions organizations should take to cultivate an understanding of the technological and regulatory limitations, responsibilities, and resources available to them, and how to apply the acquired knowledge to their operations.

NIST's CSF Ransomware Profile can be applied to organizations using or looking to use the NIST Cybersecurity Framework.

We invite you to click on icons below to find additional Ransomware-related information and resources. These resources are designed to help individuals and organizations prevent attacks that can severely impact business processes and leave organizations without the data they need to operate and deliver mission-critical services. We also encourage you to take a look at some of the other resources made available by interagency partners, namely NIST at the Department of Commerce, as well as the National Cyber Investigative Joint Task Force.

General Information

Ransomware FAQs

Tips

General Information

FAQs

Tips

 

 

 

Stop Ransomware
CONTACT
 
  • About CISA
  • Accessibility
  • Budget and Performance
  • DHS.gov
  • FOIA Requests
  • No FEAR Act
  • Office of Inspector General
  • Privacy Policy
  • The White House
  • USA.gov
  • Website Feedback