National Cybersecurity Alliance and PCI Security Standards Council Issue Joint Bulletin on Ransomware Attack

National Cybersecurity Alliance and PCI Security Standards Council Issue Joint Bulletin on Ransomware Attack

The PCI Security Standards Council (PCI SSC) and the National Cybersecurity Alliance issued a joint bulletin on the increasing threat of ransomware attacks. The full bulletin can be viewed here.

What is the threat?

Ransomware attacks have been front and center in the news over the past year due to high-profile breaches that have impacted businesses across the globe. The high-profile ransomware attacks in 2021 have been part of a larger global increase in ransomware crime. Over the calendar year 2021, it is estimated that ransomware attacks cost the world $20 billion and hit 37% of all businesses and organizations. These cyber threats are real and require immediate action to better protect against these ongoing criminal activities.

How do these attacks work?

A ransomware attack involves cyber actors gaining access to your network, systems and data and then rendering parts of these unusable, and/or stealing some of the data you have stored. The cyber-actor then ‘ransoms’ the data back requiring payment to provide a decryption key to allow for the recovery of the encrypted data and systems or to guarantee sensitive data is not further exposed. In some cases, ransomware actors will publicly release or sell the data that has been stolen if the victim does not pay. Ransomware attacks are often the result of a phishing attack, when a company employee clicks on a malicious link, or the exploitation of known vulnerabilities in outdated software that an organization has not updated using patches they receive from software vendors.

What are some prevention best practices?

When it comes to protecting payment card data, which is often the target of a cyber-attack, adherence to the PCI DSS is considered a best practice. It consists of steps that mirror industry accepted security best practices and at a high level requires you to consider:

How do you keep the criminals out?
How do you slow them down if they get in?
How do you detect them and respond to that detection in the quickest and most appropriate way?
For any ransomware event, it’s important to understand the scope of the data which may have been potentially exposed. Criminals have been in your network and even if data is not included in the ‘ransom’, it may have been copied to be used later. All such data must be considered compromised, and appropriate actions taken.

For dealing with the threat of ransomware attacks related to payment security, the PCI DSS can be helpful in preventing an attack. Some critical best practices include:

Network Segmentation – Identify and secure your organizations most important/valuable data.

Train your employees - Develop a plan that educates your employees on the best ways to avoid these types of attacks

Test your systems - Have you tested your systems lately to see if it’s easy for someone to break in?

Maintain a Secure Network - What does someone have access to once they are ‘in’ your network?

Patch - Your vendors send you “patches” to fix problems in your payment systems or other systems. Use them.

Monitor - Are you monitoring your systems for changes? Have suspicious or unauthorized/unapproved changes been investigated?

Backup your systems - Have you tested the integrity of your backups recently (both physical and virtual backup systems)? Have you tested the backup and recovery process recently? Making sure you can recover data from your backups is crucial in the event your systems are locked by ransomware.

Prepare - You and your employees should know how to recognize and respond to an attack, including what to do and who to contact. This should include formal processes for identifying all sensitive data potentially exposed during the event, so that this can be considered compromised – regardless of any restoration or remediation processes.

The Importance of Software Security - Software Security is also a key component to guarding against ransomware attacks since ransomware attacks often happen because of outdated or inferior software.

Featured

  • Maximizing Your Security Budget This Year

    7 Ways You Can Secure a High-Traffic Commercial Security Gate  

    Your commercial security gate is one of your most powerful tools to keep thieves off your property. Without a security gate, your commercial perimeter security plan is all for nothing. Read Now

  • Survey: Only 13 Percent of Research Institutions Are Prepared for AI

    A new survey commissioned by SHI International and Dell Technologies underscores the transformative potential of artificial intelligence (AI) while exposing significant gaps in preparedness at many research institutions. Read Now

  • Survey: 70 Percent of Organizations Have Established Dedicated SaaS Security Teams

    Seventy percent of organizations have prioritized investment in SaaS security, establishing dedicated SaaS security teams, despite economic uncertainty and workforce reductions. This was a key finding in the fourth Annual SaaS Security Survey Report: 2025 CISO Plans and Priorities released today by the Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment. Read Now

  • Mobile Applications Are Empowering Security Personnel

    From real-time surveillance and access control management to remote monitoring and communications, a new generation of mobile applications is empowering security personnel to protect people and places. Mobile applications for physical security systems are emerging as indispensable tools to enhance safety. They also offer many features that are reshaping how modern security professionals approach their work. Read Now

Featured Cybersecurity

Webinars

New Products

  • Mobile Safe Shield

    Mobile Safe Shield

    SafeWood Designs, Inc., a manufacturer of patented bullet resistant products, is excited to announce the launch of the Mobile Safe Shield. The Mobile Safe Shield is a moveable bullet resistant shield that provides protection in the event of an assailant and supplies cover in the event of an active shooter. With a heavy-duty steel frame, quality castor wheels, and bullet resistant core, the Mobile Safe Shield is a perfect addition to any guard station, security desks, courthouses, police stations, schools, office spaces and more. The Mobile Safe Shield is incredibly customizable. Bullet resistant materials are available in UL 752 Levels 1 through 8 and include glass, white board, tack board, veneer, and plastic laminate. Flexibility in bullet resistant materials allows for the Mobile Safe Shield to blend more with current interior décor for a seamless design aesthetic. Optional custom paint colors are also available for the steel frame. 3

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area. 3

  • Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

    Connect ONE®

    Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation. 3