The U.S. Cybersecurity and Infrastructure Security Agency Lays Out Strategic Vision and Priorities in the Wake of Texas Ransomware Attacks.


This new document, entitled Strategic Intent highlights ways to “defend today, secure tomorrow” and comes out as the CISA director admits that ransomware is “only getting worse.”

The coordinated ransomware attacks on 23 Texas municipalities last month demonstrate the lengths cybercriminals are willing to go to in order to attain their demanded ransom (in the case of the Texas cities, $2.5 USD). On the heels of these attacks, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) Director Chris Krebs unveiled the agency’s new strategic intent document.

The document spells out how CISA will work to address the ever-growing threat of cyberattack by defining its mission and a high-level framework that will be used – a framework that includes the sharing of information between state and local agencies.

Krebs spoke to an audience at Auburn University about ransomware and how agencies should learn from the Texas attacks. “If you do pay [the ransom] you’re just incentivizing the ransomware actor to keep doing this,” he said. “It is not in the interest of your next-door neighbor or the next county to pay.”

With the Texas Department of Information Resources, DHS, and the FBI are all working together to investigate the 23 attacks, evidence continues to point to a single threat actor or organization.

Both public and private sector organizations need to be mindful that coordinated attacks, and those that seek to engulf the entire organization (and not just a few endpoints) as its’ victim are both becoming the norm.

Putting proactive controls in place, such as Security Awareness Training to reduce the risk of users engaging with malicious content in email and on the web, are critical, as the Texas attacks demonstrate the damage that can be done from a single attack can be business-altering.

Request A Quote: Security Awareness Training

products-KB4SAT6-2-1New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn't a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your quote for KnowBe4's security awareness training and simulated phishing platform and find out how affordable this is!

Get A Quote Now

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Subscribe To Our Blog

Ransomware Hostage Rescue Manual

Get the latest about social engineering

Subscribe to CyberheistNews