“2021 Ransomware Case Study: Identifying High Priority Security Controls for Public Institutions”
Three quarters through 2021 and malicious cyber actors appear to be taking full advantage of the world’s rapid shift towards an even more internet-dependent society. In May, nationwide oil shortages, increased consumer fuel prices, and emergency declarations were issued after a ransomware incident forced a major U.S. oil pipeline to shut down operations (The New York Times, 2021). In February, a U.S. public water treatment facility in Florida suffered an attack, resulting in the unauthorized adjustment of water treatment chemicals which nearly poisoned the public drinking water supply for 15,000 people (Tampa Bay Times, 2021). Attacks against vital U.S. public institutions, specifically utilities, K-12 schools, and municipalities, profoundly impact society (CISA, 2021). This whitepaper includes a case study analysis of three major 2021 ransomware attacks on public institutions to develop a prioritized defense guide based on the CIS Controls with the highest return on investment.
Read full research here: https://www.sans.org/white-papers/2021-ransomware-case-study-identifying-high-priority-security-controls-public-institutions/
