Ransomware was the focus of a Cyber Incident Response Simulation hosted by the United States Secret Service this week, which gathered together fellow government agencies, executive business leaders and law enforcement to address cyberattacks and how to respond.
“Our cyber incident response simulations are aimed at strengthening our partnerships with the private sector and ensuring that we work together before an incident occurs,” David Smith, assistant director of the Office of Investigations, said. “These simulations help our private sector partners better understand the critical nature of cyber security preparedness, as well as the role and capabilities of law enforcement. Recognizing a cyber intrusion and quickly activating an incident response plan is essential to mitigating an attack and shielding an organization from damage. Simulations also build trust between the private sector and law enforcement, increasing our ability to respond quickly and effectively when needed.”
This tenth iteration of the simulation was conducted alongside members of the Cyber Incident Alliance Council, and creators set up a simulated scenario for participants. These scenarios showcased an escalating cyberattack on a fictional company. Therein, participants could work to enhance their planning, collaboration and information sharing to improve efficacy during ransomware attacks.
Ransomware is malicious software that blocks access to compromised computers or data. After infection, it tries to spread to shared storage drives and other accessible systems, expanding hackers’ reach. Hackers tend to use it to encrypt data or programs and then extort victims for payments in exchange for decrypting the information and restoring access. If demands are not met, those systems and data can then be withheld or deleted outright.
Such attacks have hit personal as well as commercial information over the years. The Secret Service investigates such attacks, providing both technical investigations into the cyber actors responsible and financial investigations of ransom recipients.