HJAR Jul/Aug 2021

nearly always too late to do something, and companies and individuals are not taking the proper steps before-hand to prevent an attack. What are those proper steps? Cyber Task Force Below are some exam- ples of steps that can be taken, but they do not include all IT best practices: Pre-Incident: • Identify the data, systems, re- sources, intellectual property most important to your organiza- tion. • Have a cyber incident response plan to include technology (such as backups, system restore), legal, data monitoring. • Have prior engagement with law enforcement to build relationships and have a point of contact. • Know the incident response plan and practice the plan frequently. • Have established relationships with cyber information sharing or- ganizations. Post-Incident: • Assess and minimize damage on and off the network. • Collect and preserve data. • This can include Images of infect- ed server, logs, records. • Notify in a timely manner your management, law enforcement and victims. • DO NOT use compromised sys- tems to communicate! Editor Another frustrated IT person we spoke with put the increase in cyber- crime this way: “If a foreign or home- grown terrorist bombed an office build- ing, those people would be brought to justice by the U.S. government, yet today the equivalent is happening to businesses and individuals across America every day and it appears that these individuals or nation states are getting away with no recourse for those effected.” Is this a fair assess- ment from your perspective of what is happening? Cyber Task Force For a while now, the FBI has been combating cyber threats the way we learned to fight terrorism after 9/11. Our mantra is disruption — hitting hackers before or during their attacks. And as with counterterrorism, we focus on working through partners — setting credit aside, taking all the information we develop using really broad authorities that connect us to everyone from victims to DOD and foreign intel services, and leveraging our investigations to enable every player to bring their best weap- ons to bear. The private sector is a lynchpin in our cyber response. It’s where our intellec- tual property, innovation and critical infrastructure lie. It’s where the adver- saries strike and where the intelligence we need comes from. We’re devoting thousands of hours across every field office in the country helping, enabling and obtaining information from both providers and victims, companies and universities of all sizes, like never before. The threat is continuing to grow. You have ransomware groups causing more destruction, taking larger ransoms, and nation-state actors showing a capability to sow widespread destruction if they should choose. We need to treat the new awareness among the public of the cyber danger as a chance to enlist the kind of broad, society-wide effort the cyber threat demands. Because the govern- ment can’t do it alone. As we recently stated after the JBS cyberattack, a cyberattack on one is an attack on us all. As the lead federal inves- tigative agency fighting cyber threats, combating cybercrime is one of the FBI’s highest priorities. We frequently attribute different cyberattacks to indi- vidual actors and groups, and we work diligently to bring the threat actors to justice. We continue to focus our efforts on imposing risk and consequences and holding the responsible cyber actors accountable. Our private sector partner- ships are essential to responding quickly when a cyber intrusion occurs and pro- viding support to victims affected by our cyber adversaries. We encourage any “The FBI does not support paying a ransom in response to a ransomware attack. Paying a ransom doesn’t guarantee you or your organization will get any data back. It also encourages perpetrators to target more victims and offers an incentive for others to get involved in this type of illegal activity.” HEALTHCARE JOURNAL OF ARKANSAS I  JUL / AUG 2021 11