News Comments FAQ Related Articles

NIST Develops Guidelines For Dealing With Ransomware Recovery

3200

In order to help the firms hit with ransomware attacks, The National Cybersecurity Center of Excellence, at the National Institute of Science and Technology (NIST) along with vendors and businesses within the cybersecurity community, teamed up for the sake of developing a recovery guide.
If the reports from the Data Integrity Recovering from Ransomware and Other Destructive Events are to be believed, the goal of the guide, according to the researchers involved, is to aid the organizations that try to recover their data from cybersecurity events, help them in smooth recovery in the event of compromise, and manage enterprise risks.
“ Organizations must be able to quickly recover from a data integrity attack and trust that any recovered data is accurate, complete, and free of malware,” researchers said in the guide. “ Data integrity attacks caused by unauthorized insertion, deletion, or modification of data have compromised corporate information including emails, employee records, financial records, and customer data.”

For the convenience of the targeted readers, the guide is segmented into three volumes which can be used in various ways depending on the user' s role within their organization be it business decision makers, technology and program managers, or IT professionals.
The guide also offers how to restore data to its last known good configuration and how to identify correct backup versions as well as poisoned, or altered data, and how to determine identify who altered said data. Advice on how to tackle ransomware attacks is also given in the guide.

Tags:

Author:

Comments ( 0 )

No comments available

Add a comment

Frequently asked questions ( 5 )

What, exactly is NIST SP 800-171?

Special Publication (SP) 800-171 contains security guidelines developed by the National Institute of
Standards and Technology (NIST) that specifies how you should configure your information
systems to protect Controlled Unclassified Information (CUI).

Who is required to comply with NIST SP 800-171?

Any organization that handles CUI data and does business with the Department of Defense
(DoD) (either as a prime or subcontractor) are required to comply with Defense Federal
Acquisition Regulation Supplement (DFARS) clause 252.204.7012 (Safeguarding Unclassified
Controlled Technical Information) by 31 December 2017. Compliance with NIST SP 800-171
satisfies the DFARS clause requirement.

How do I comply with NIST SP 800-171?

Full compliance with NIST SP 800-171 requires creation and maintenance of the following
documentation (also known as artifacts): System Security Plan (SSP), and Plan of Action and Milestones (POA&M).
The POA&M contains a list of all security controls that are not fully implemented within your
CUI system environment and includes both associated fix actions and estimated completion
dates.

What differentiates your NIST SP 800-171 compliance service from other vendors?

Our NIST SP 800-171 compliance service is staffed by practicing subject matter experts who
currently, conduct system audits (Security Controls Assessment), develop SSPs, POA&Ms and
implement system security controls (Information System Security Engineering) for multiple DoD
and Federal Civilian Agencies. Our extensive experience helps us fully understand what is
required to both achieve and maintain compliance for your organization.

What is Controlled Unclassified Information (CUI)?

The CUI Program is a Government-wide program that standardizes the way the executive
branch manages unclassified information that requires safeguarding or dissemination controls
required by law, Federal regulation, and Government-wide policy. This Program replaces
existing agency programs like For Official Use Only (FOUO), Sensitive But Unclassified (SBU),
Official Use Only (OUO), and others. The CUI Program addresses the current inefficient and
confusing patchwork of over 100 agency-specific policies throughout the executive branch that
leads to inconsistent marking and safeguarding as well as restrictive dissemination policies.“
All categories of information that currently qualify as CUI can be located here at the National
Archives CUI Registry.

Related Forums in NIST Develops Guidelines For Dealing With Ransomware Recovery

Will ransome virus will affect linux server

May 16, 2017

Related News in NIST Develops Guidelines For Dealing With Ransomware Recovery

CryptoMix Clop Ransomware Variant Targets Not Individual Machines But Whole Networks

Mar 12, 2019

ECh0raix Ransomware Strain QNAP NAS devices

Jul 30, 2019

'The Nasty List' Instagram Phishing Scam Targets Instagram Credentials

Apr 19, 2019

NIST Develops Guidelines For Dealing With Ransomware Recovery

Sep 8, 2017

‘NamPoHyu Virus’ ransomware target vulnerable Samba servers

Apr 20, 2019

A Sneaky Ransomware That Seems Benificial. But Deceptive.

Apr 5, 2019

CrySIS ransomware targeting businesses is on the rise

May 28, 2019

Wannacry attack is far from over – Experts

May 16, 2017

Rank

User

Points

Top Contributers

naveelansari

135850

Top Contributers

ayanbhatti

92510

Top Contributers

hamzaahmed

32150

Top Contributers

linuxhelp

31040

Top Contributers

muhammadali

24500

Can you help David Lopez Guillen ?

Ayuda urgente instale SSL para servidor Opensuse y ahora no funciona tengo servicio web

hola segui este tutorial para tener un certificado ssl y ahora no se ve mi app en la red, espero alguien pueda ayudarme, tengo M9oodle en3.5 en un servidor open suse y ahora no funciona por favor ayuda.

https://www.linuxhelp.com/how-to-create-ssl-certificate-in-opensuse