NIST Releases Draft Guidelines To Curb The Ransomware Epidemic

• The first draft on data integrity and protection is a guide to better identify and protect IT assets from data integrity attacks.
• The second document shares advice on improving the detection and mitigation of ransomware attacks.

Recently, the National Institute of Standards and Technology (NIST) unveiled practice guidelines to protect the confidentiality, integrity, and availability of data in an enterprise. NIST's National Cybersecurity Center of Excellence developed the two draft practice guidelines linked below.

• Data Integrity: Identifying and Protecting Assets Against Ransomware and Other Destructive Events
• Data Integrity: Detecting and Responding to Ransomware and Other Destructive Events

Changing ransomware landscape

Modern ransomware strains can move around the system while interacting with applications such as Microsoft's Active Directory and encrypting backups. Today’s attacks prompt authorities to look at the entire network and the enterprises and understand what that threat represents.

NIST, in its draft, has attempted to address current issues including how to implement vulnerability management, as well as network protection and awareness, throughout the entire IT infrastructure.

About the draft guidelines

The NIST draft guidelines were released in view of increasing threats from ransomware and the adoption of new tactics by threat actors in the last couple of years.

• The drafts offer updated advice and best practices on how to minimize the impact of a ransomware attack.
• Though NIST has earlier developed ransomware-related guidance, the present drafts focus on the entire lifecycle of a data integrity attack.
• It includes steps on how to implement backups tied to secure storage capabilities, use network protection and inventory assessments.
• It also suggests how and what policies to create to help ensure endpoints are safeguarded.

NIST researchers have, reportedly, referred to significant ransomware incidents from the past few years including the WannaCry attacks of 2017 to map out protection tips for enterprises.

An overview of practice guidelines

The first draft on data integrity and protection is a guide to better identify and protect IT assets from data integrity attacks, including ransomware. It also contains two key insights: a reference design that acts as a technical blueprint for action items, and a guide to commercially available technologies that create more robust security controls for a network. There’s a "how-to" guide on implementing best practices as well.

The second document shares advice on improving the detection and mitigation of ransomware, along with the other security issues within their infrastructure. It indicates how integrity monitoring, event detection, reporting capabilities, vulnerability management, and mitigation and containment can be implemented within the IT infrastructure.

Comments

Jennifer Cawthra, lead for data security and healthcare at the National Cybersecurity Center of Excellence, said, “Much like the NIST Cybersecurity Framework, these guidelines offer best practices that organizations can pick and choose based on their own network architectures.”

"We put together a reference architecture to demonstrate that you can solve a cybersecurity challenge," Cawthra told Information Security Media Group (ISMG).

NIST is accepting comments on the draft guidelines until February 26.