On July 15, 2021, the DOJ and DHS together with additional federal partners launched StopRansomware.gov, a one-stop hub intended to help the private and public sector mitigate the threat of ransomware. The website includes a range of resources geared towards private organizations, public and private critical infrastructure sectors, K-12 educational institutions, and state, local, tribal, and territorial governments.
Consistent with the U.S. government’s increased focus on the ransomware threat, the website identifies different ways to report ransomware incidents to law enforcement, encourages such reporting, and in one place even states that “every ransomware incident should be reported to the U.S. government.”
The website contains a compilation of resources and links to DOJ/FBI, DHS/CISA, and Treasury/FinCEN/USSS materials, including a list of best practices for preventing and responding to ransomware incidents, a ransomware response checklist, self-assessment tools, and information on reporting ransomware incidents. The website also provides links to the alerts and joint statements issued by CISA, FBI, and Treasury as well as links to webinars, white papers, guidance from CISA, NIST, MS-ISAC, the FBI, and the National Cyber Investigative Joint Task Force.
The website also provides both FAQs and ransomware tips for non-technical personnel, covering vast swaths of potential readership in an attempt to increase understanding of the nature of the ransomware threat and measures that can be taken to mitigate it.
Finally, StopRansomware.gov also contains a listing of relevant press releases that includes criminal indictments and other actions by law enforcement and public statements by U.S. government officials and agencies in connection with the release of guidance.