Tips on How Public and Private Entities Can Combat the Rising Tide of Ransomware


NetStandard’s Security Minute Series 

This Tuesday, 5/4, I’m doing a webinar with Miller Group. Sign up, tell your friends!  The Ransomware Task Force, a group of more than 50 cybersecurity experts, has published a detailed framework for how public and private entities can work together to help stem the rising tide of ransomware. It calls for a “whole of government” response, treating ransomware as the national security threat that it has become: Institute for Security and Technology (IST) » RTF Report: Combatting Ransomware

  • One of the priority recommendations calls for better regulation and oversight over cryptocurrency, to try to restrict the money flow. Ransomware is really just a money grab, after all.

Coveware has released its Q1 2021 ransomware report. The average ransom payment is over $200,000, and 77% of all ransomware attacks featured data exfiltration.

  • “[D]espite the increase in demands, and higher prevalence of data theft, we are encouraged that a growing number of victims are not paying. Over hundreds of cases, we have yet to encounter an example where paying a cyber criminal to suppress stolen data helped the victim mitigate liability or avoid business / brand damage. On the contrary, paying creates a false sense of security, unintended consequences and future liabilities.”

The latest group to fall victim to a ransomware attack is the Washington DC Police Department. The Babuk gang is threatening to release the identities of police informants if the ransom is not paid: D.C. Police Department Data Is Leaked in a Cyberattack – The New York Times (

If you qualify for a .gov domain, but didn’t get one because it’s more expensive, now you can. Starting now, .gov domains are available for free: A new day for .gov | DotGov

  • Government entities should get a .gov domain if they can; it immediately marks the domain as being “official” and not an impersonator.

Back in January, international law enforcement seized much of the Emotet control infrastructure, and used it to deploy a new configuration that would cause infected machines to uninstall Emotet on April 25, 2021. The mass uninstall has begun: Emotet malware nukes itself today from all infected computers worldwide (

Microsoft is replacing Calibri as the default font for Microsoft Office. Which font should they choose next? Beyond Calibri: Finding Microsoft’s next default font – Microsoft 365 Blog
This week we learned…



For over 25 years, NetStandard has been providing a wide range of technical solutions to various industries in the Kansas City metro area.