Draft: Data Integrity Identifying and Protecting Assets Against Ransomware and Other Destructive Events

Ransomware, destructive malware, insider threats, and even honest user mistakes present ongoing threats to organizations. Organizations’ data, such as database records, system files, configurations, user files, applications, and customer data, are all potential targets of data corruption, modification, and destruction. Formulating a defense against these threats requires two things: a thorough knowledge of the assets within the enterprise, and the protection of these assets against the threat of data corruption and destruction. The NCCoE, in collaboration with members of the business community and vendors of cybersecurity solutions, has built an example solution to address these data integrity challenges.

Multiple systems need to work together to identify and protect an organization’s assets against the threat of corruption, modification, and destruction. This project explores methods to effectively identify assets (devices, data, and applications) that may become targets of data integrity attacks, as well as the vulnerabilities in the organization’s system that facilitate these attacks. It also explores methods to protect these assets against data integrity attacks using backups, secure storage, integrity checking mechanisms, audit logs, vulnerability management, maintenance, and other potential solutions.

The entire report follows under key resources. 

Related Resources

Guides/Reports
As a member of the Healthcare and Public Health Sector, you play a significant role in national security by protecting the nation and its economy from hazards…
Standards/Guidelines
Public
Agent Tesla is an established Remote Access Trojan (RAT) written in .Net. A successful deployment of Agent Tesla provides attackers with full computer or…
Webinar Recordings
Public
The U.S. Department of Health and Human Services’ (HHS) Health Sector Cybersecurity Coordination Center (HC3) invites you to join its monthly cybersecurity…
Guides/Reports
Working from Home during COVID-19 Pandemic During the COVID-19 pandemic, many physicians are working from home, using their personal computers and mobile…
Guides/Reports
Public
Mozilla Patches Critical Vulnerabilities in Firefox, Firefox ESR 04/03/2020 04:45 PM EDT Original release date: April 3, 2020 Mozilla has released security…
Special Bulletin
Public
A recent campaign of cyberattacks from a foreign threat actor targeted healthcare organizations and specifically exploited Citrix and Zoho technologies used…