Ransomware Resource Center

Helping healthcare delivery, supply, and support organizations become more resilient to the growing threats from ransomware.

Ransomware Resource Center

Helping healthcare delivery, supply, and support organizations become more resilient to the growing threats from ransomware.

""

To get started quickly, choose one of the buttons below based on your role.

There are two ways to navigate through the site’s resources. First is via the table below, which categorizes tools around the five stages of the National Institute of Standards and Technology (NIST) Cybersecurity Framework: Identify, Protect, Detect, Respond, Recover. For each stage, relevant tools are linked at bottom of the column. Second, use the Resource Library page where you can search, sort, and filter to find the materials that best fit your needs.

Resources to address the ransomware threat
Identify Protect Detect Respond Recover
NIST Cybersecurity Framework Develop an organizational understanding to manage cybersecurity risk to systems, people, assets, data, and capabilities. Develop and implement appropriate safeguards to ensure delivery of critical services. Develop and implement appropriate activities to identify the occurrence of a cybersecurity event. Develop and implement appropriate activities to take action regarding a detected cybersecurity incident. Develop and implement appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity attack.
Ransomware Relevance Identify your critical processes, the systems on which they depend, and their vulnerabilities to ransomware. Deploy additional defenses relevant to ransomware. Implement resiliency by regularly backing up all critical data and deploying means to operate critical healthcare functions in case of attack. Monitor in real time for a ransomware attack. After breaching a network, ransomware only needs a few hours to encrypt and/or cripple IT systems. Upon detection of ransomware, be ready to switch to alternative means of operation and implement incident response procedures. Restore lost data from backups, revert to normal operations, do a root cause analysis, and report as appropriate to relevant authorities.
Resources
From National Institute of Standards and Technology (NIST) Cybersecurity Framework

Resources to address the ransomware threat

NIST Cybersecurity Framework

Develop an organizational understanding to manage cybersecurity risk to systems, people, assets, data, and capabilities.

Ransomware Relevance

Identify your critical processes, the systems on which they depend, and their vulnerabilities to ransomware.

Resources

NIST Cybersecurity Framework

Develop and implement appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity attack.

Ransomware Relevance

Restore lost data from backups, revert to normal operations, do a root cause analysis, and report as appropriate to relevant authorities.

Resources

Resources to address the ransomware threat

NIST Cybersecurity Framework

Develop an organizational understanding to manage cybersecurity risk to systems, people, assets, data, and capabilities.

Ransomware Relevance

Identify your critical processes, the systems on which they depend, and their vulnerabilities to ransomware.

Resources

NIST Cybersecurity Framework

Develop and implement appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity attack.

Ransomware Relevance

Restore lost data from backups, revert to normal operations, do a root cause analysis, and report as appropriate to relevant authorities.

Resources

We hope you find the Ransomware Resource Center helpful. If you have suggestions for improving it, or wish to learn more about MITRE’s cybersecurity capabilities, please contact us at HealthCyber@mitre.org.

Q&A

Q&A on How Ransomware Is Affecting Healthcare with MITRE Cybersecurity Expert Joanne Fitzpatrick

Approved for Public Release; Distribution Unlimited.  Public Release Case Number 21-0418.

Pin It on Pinterest

Share This