US releases joint advisory warning organisations against observed behaviours and trends of ransomware operations from 2021

On Wednesday 9^th of February 2022, Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), the Australian Cyber Security Centre (ACSC), and the United Kingdom’s National Cyber Security Centre (NCSC) released a joint cybersecurity advisory where they warned of an increase globalized threat of ransomware as FBI, CISA, NSA, ACSC, and NCSC have “observed an increase in sophisticated, high-impact ransomware incidents against critical infrastructure organizations globally.”

The advisory details that the FBI, CISA and NSA have observed ransomware related incidents against 14 of the 16 U.S. critical infrastructure sectors while the ACSC has observed continued ransomware targeting of Australian critical infrastructure entities as well as the NCSC recognising ransomware as the biggest cyber threat facing the United Kingdom due to it observing multiple attacks targeting businesses, charities, the legal profession, and public services in the Local Government and Health Sectors. The advisory also details the observed behaviours and trends by ransomware operations in 2021 as well as recommended mitigations to defend against these observed behaviours.  

The advisory also listed immediate actions organisations can take to protect against ransomware operations:

• Update your operating system and software.
• Implement user training and phishing exercises to raise awareness about the risks of suspicious links and attachments.
• If you use Remote Desktop Protocol (RDP), secure and monitor it.
• Make an offline backup of your data.
• Use multifactor authentication (MFA).