U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

This is an archive
(replace .gov by .rip)

White Paper (Draft)

[Project Description] Data Integrity: Detecting and Responding to Ransomware and Other Destructive Events

Date Published: November 2017
Comments Due: December 12, 2017 (public comment period is CLOSED)
Email Questions to: di-nccoe@nist.gov

Author(s)

Timothy McBride (NIST), Michael Ekstrom (MITRE), Lauren Lusty (MITRE), Julian Sexton (MITRE), Anne Townsend (MITRE)

Announcement

This project from the National Cybersecurity Center of Excellence (NCCoE) will detail methods and potential tool sets that can detect, mitigate, and contain data integrity events in the components of an enterprise network. It will also identify tools and strategies to aid in a security team’s response to such an event. The project will result in a freely available NIST Cybersecurity Practice Guide, documenting an example solution that demonstrates how to perform the following actions:

  • monitor integrity;
  • logging and data correlation;
  • manage vulnerabilities; and
  • report unauthorized or malicious activity.

Abstract

Keywords

data integrity; malware; ransomware; attack vector; malicious actor; malware detection; malware response
Control Families

Contingency Planning; Incident Response; System and Information Integrity; Audit and Accountability; Access Control; Configuration Management; Assessment, Authorization and Monitoring; Risk Assessment; Program Management; Physical and Environmental Protection; Media Protection; Maintenance; Identification and Authentication; System and Communications Protection; System and Services Acquisition