Cyber IT Supervisory Forum eBook

Internal Use Only

Ransomware: What Should You Do?

• Pay attention to this threat • Check out what’s available from CISA: ‒ Joint Ransomware Task Force | CISA ‒ Advisories: o https://www.cisa.gov/news events/cybersecurity-advisories o https://www.cisa.gov/news events/cybersecurity-advisories/aa24-242a ‒ Free tools and services (good for small and medium biz): o https://www.cisa.gov/resources tools/resources/free-cybersecurity-services and-tools

15

© 2024 THE MITRE CORPORATION. ALL RIGHTS RESERVED. APPROVED FOR PUBLIC RELEASE. DISTRIBUTION UNLIMITED 23-01698-01.

Internal Use Only

Nation State Cyber Actors: PRC is Main Risk Today

 According to the Director of National Intelligence: [10] ‒ If Beijing feared that a major conflict with the United States were imminent, it almost certainly would consider undertaking aggressive cyber operations against U.S. homeland critical infrastructure and military assets worldwide. ‒ Such a strike would be designed to deter U.S.

 Targeted sectors (that we know about): communications, energy, transportation, and water systems manufacturing, construction, maritime, government, IT, and education sectors. [11] [12]  What about the financial sector?

military action by harming our economy, impeding U.S. decision-making, inducing societal panic, and interfering with the deployment of U.S. forces

16

© 2024 THE MITRE CORPORATION. ALL RIGHTS RESERVED. APPROVED FOR PUBLIC RELEASE. DISTRIBUTION UNLIMITED 23-01698-01.