The U.S. Senate has approved new legislation aimed at helping government agencies and private-sector companies combat ransomware attacks. The legislation comes as local governments and schools continue to be hit by sophisticated – and in some cases coordinated – ransomware attacks.
The proposed law, the “DHS Cyber Hunt and Incident Response Teams Act,” authorizes the Department of Homeland Security (DHS) to invest in and develop “incident response teams” to help organizations battle ransomware attacks. Part of that means that the DHS would create teams to protect state and local entities from cyber threats and restore infrastructure that has been affected by ransomware attacks.
This legislation is not only warranted, but practically a requirement if our institutions are to have a fighting chance against these types of cyber attacks. Mega-corporations with significant cyber security budgets struggle to address these threats effectively. How could a school or local municipality even begin to do what’s needed without this kind of assistance and guidance? They simply don’t have the resources.
The best part about this legislation is not just the aid in recovery if and when an attack does happen, but the focus as well on mitigating these threats through proactive assessment and fortification of school and city technology infrastructures. With this could only come greater awareness and understanding of the threats we collectively face in organizations of every shape, size, and type.
It\’s a start. We\’re still a long way from being sufficiently protected. The vast majority of ransomware attacks start with a phishing email. Bad guys are constantly coming out with new strains to evade detection. It’s important to know if your network effective in blocking them when employees fall for social engineering attacks, and use tools that give you a look at the effectiveness of your existing network protection by simulating ransomware infection scenarios and cryptomining infection.