New StopRansomware Guide Published by CISA & Partners
The StopRansomware Guide has an updated version published including additional recommendations about things to do to minimize the threat of ransomware attacks. This guide is a one-stop source of information created by the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), and Multi-State Information Sharing and Analysis Center (MS-ISAC) that shares recommendations for sensing, stopping, responding to, and coping with ransomware attacks. It gives step-by-step strategies for dealing with prospective attacks. The modified guide was created via the Joint Ransomware Task Force (JRTF), which was established by Congress in 2022 to handle the increasing ransomware attack threats.
The StopRansomware Guide may be implemented by government departments and companies and businesses of different sizes to make sure proper defenses are set up to prohibit attacks. It can help with the creation, implementation, and maintenance of incident response programs to assure the quickest possible recovery in case of an attack. The new guide consists of new ideas for fortifying defenses against the most prevalent initial access vectors that ransomware groups use and initial access brokers use to get a foothold in systems, such as breached credentials, phishing, brute force attempts to get passwords, and sophisticated social engineering, together with details about protecting cloud backups and strategies for threat hunting.
There are two sections in the StopRansomware Guide. The first section gives detailed, pertinent, and established best practices that could be taken to lower risk, such as determining critical information that requires protection and proactive steps that could aid in ransomware attack minimization. The second section of the guide gives in-depth data on identification, evaluation, containment, removal, and post-incident rescue, and features a checklist to steer organizations through a systematic, calculated, and appropriately managed incident response strategy.
All organizations are strongly encouraged to study this guide and carry out recommendations to avoid prospective ransomware incidents, stated CISA. To be able to deal with the ransomware crisis, the incidence of ransomware intrusions must be reduced along with their impacts, through the application of lessons realized from ransomware attacks that have impacted too many organizations.
Download the new StopRansomware Guide from CISA via this link.
Senators Require Answers from Google Regarding the Practice of Sensitive Location Data Deletion
Ten Senators wrote to Google requiring answers concerning its policies for getting rid of sensitive location information, for instance, visits to domestic violence shelters, fertility centers, abortion clinics, addiction treatment facilities, and other sensitive places. Subsequent to the Supreme Court’s decision that overturned Roe v Wade and eliminated the federal right to abortion, Google declared that it will be presenting a different data deletion policy and will be trashing exact geolocation information that pointed out a visit to particular sensitive places. Trips to sensitive places are very personal and the data may be abused. Location information may be utilized by third parties for targeted marketing associated with sensitive health conditions or persons may be targeted according to their personal medical care decisions.
The policy was announced in July 2022, and Google stated the change will be in effect in the following weeks, however, the policy doesn’t seem to have been persistently executed. The Washington Post looked into this to find out the degree to which geolocation information was being erased by Google and given to reporters at hospitals, Planned Parenthood clinics, and fertility clinics in a number of states. The reporters discovered that Google kept the actual name and address of the place they went to, for example, the Planned Parenthood Clinic in San Francisco Health Center. In other instances, Google documented a visit to a close by an establishment or the general community, and in some other instances, the location information was erased in 24 hours. A different report showed Google just erased sensitive location information in 60% of test instances, in spite of Google saying that exact geolocation information will be erased. The Senators stated that when the data deletion policy isn’t continuously employed, it may be regarded as a misleading practice.
Sens. Mazie Hirono (D-HA), Elizabeth Warren (D-MA), Peter Welch (D-VT), Edward Markey (D-MA), Ron Wyden (D-OR), Richard Blumenthal (D-CT), Bernie Sanders (I-VT), Dick Durbin (D-IL), Patty Murray (D-WA), and Amy Klobuchar (D-MN) expressed their worry that Google wasn’t keeping its responsibility to remove sensitive location information, particularly visits to reproductive health care services.
The Senators questioned Google to validate how its systems determine a visit to a sensitive location and asked for a complete listing of the metadata employed to make that determination, together with any supporting files. Additionally, they asked for a complete listing of the areas Google regards as sensitive, asked for an explanation of the duration of storing sensitive location information after a visit, and if Google permits advertisers to target persons according to visits to sensitive areas that can show a user’s medical data. In addition, they asked Google to agree to constantly delete sensitive location information associated with any visit to a reproductive health care facility within 24 hours of that visit happening and to accept a third-party review to confirm that such a process was carried out.
The Senators are waiting for Google’s response until May 26, 2023.