About | HeinOnline Law Journal Library | HeinOnline Law Journal Library | HeinOnline
LOG IN
LOG IN

GAO-23-106279 1 (2022-11-16)

handle is hein.gao/gaonwy0001 and id is 1 raw text is: The Big Picture essential to enhancing cybersecurity resiliency and Ransomware attacks are on the rise at organizations and industries of all sizes. Hospitals, schools, emergency services, and other industries have been the victims of such attacks. Ransomware is a form of malicious software designed to render the underlying data and systems unusable. Ransom payments are then demanded in exchange for restoring access to the locked data and systems. Four stages of a ransomware attack INITIAL INTRUSION Attackers gain entry to the system or device. 2 RECONNAISSANCE AND LATERAL MOVEMENT Attackers increase their knowledge and deploy ransomware. DATA EXFILTRATION AN ENCRYPTION Attackers transfer data and lock the user out of the device. RANSOM DEMAND The device displays the demands for payment. Source: GAO analysis based on information from the Cybersecurity and Infrastructure Security Agency, Center for internet Security, and Federal Bureau of Investigation; image tomasknopp/stock.adobe.com. GAO-23-106279 State, local, tribal, and territorial (SLTT) government organizations, including schools, have been particularly targeted by ransomware attacks, which can have devastating impacts on vital government operations and services. According to the Multi-State Information Sharing and Analysis Center-an independent, nonprofit organization-SLTTs experienced approximately 2,800 ransomware incidents from January 2017 through March 2021. Consequently, federal assistance provided to SLTTs to prevent and respond to ransomware threats is What GAO's Work Shows GAO's work identified areas where the federal government could improve the coordination and assistance it provides to others for addressing ransomware attacks. 1. Interagency Coordination The Cybersecurity and Infrastructure Security Agency (CISA), Secret Service, and FBI are the primary federal agencies that provide direct assistance aimed at preventing and responding to ransomware attacks on SLTTs. This is provided through education and awareness, information sharing and analysis, cybersecurity review and assessment, and incident response. However, in September 2022, we reported that they lacked processes for more effective federal coordination on ransomware assistance to SLTTs. Specifically, the interagency coordination between the three agencies on ransomware assistance to SLTTs was informal and lacked documented procedures. > We recommended that CISA, Secret Service, and FBI i ransomware assistance to SLTTs. 2. Awareness, Outreach, and Communication In September 2022, we reported that although SLTTs were generally satisfied with the ransomware assistance provided by the federal government, officials from all 13 SLTTs we interviewed identified challenges with awareness, outreach, and communication: SLTTs reported difficulties identifying the federal services that were available to them. GAO-23-106279 Federal Ransomware Assistance

What Is HeinOnline?

HeinOnline is a subscription-based resource containing thousands of academic and legal journals from inception; complete coverage of government documents such as U.S. Statutes at Large, U.S. Code, Federal Register, Code of Federal Regulations, U.S. Reports, and much more. Documents are image-based, fully searchable PDFs with the authority of print combined with the accessibility of a user-friendly and powerful database. For more information, request a quote or trial for your organization below.



Contact us for annual subscription options:

Contact Us

Already a HeinOnline Subscriber?

Log In

profiles profiles most