Sen. Rob Portman, R-Ohio, the ranking member of the Senate Homeland Security and Governmental Affairs Committee, has released a report that documents the experiences of three U.S. companies targeted by the ransomware group REvil and recommends cybersecurity measures agencies and organizations should take to counter ransomware attacks.
“This report shows that all organizations, no matter the size or financial resources, can fall victim to sophisticated cyber adversaries,” Portman said in a statement published Thursday.
According to the report, ransomware groups gain access to networks of victims through phishing attacks. REvil stole sensitive data and posted that data on its public blog using double extortion schemes before encrypting the victim’s networks.
The document recommends that the Cybersecurity and Infrastructure Security Agency (CISA) share incident reports received through the Cyber Incident Reporting for Critical Infrastructure Act and strengthen its partnership with the FBI to help ransomware victims.
The bureau should maintain a constructive working relationship with private organizations by considering ransomware victim priorities such as data protection and damage mitigation efforts.
Other recommendations are adopting a zero trust approach, implementing multifactor authentication and patching vulnerabilities, developing incident response plans, maintaining offline backups and encrypting sensitive information.
“The Biden administration should work quickly to implement my recently enacted bipartisan Cyber Incident Reporting Act. This law will help prevent future cyberattacks by facilitating increased information sharing and enhance the federal government’s cyber defense and investigative capabilities,” noted Portman.