Skip to main content
U.S. flag

An official website of the United States government

Here’s how you know

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

HTTPS

Secure .gov websites use HTTPS
A lock (LockA locked padlock) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Free Cyber ServicesElection Threat Updates#protect2024Secure Our WorldShields UpReport A Cyber Issue

CISA logo image. America's Cyber Defense Agency, National Coordinator for Critical Infrastructure Security and Resilience
CISA Logo

Search

 

America's Cyber Defense Agency
 
  • Topics
    Cybersecurity Best Practices
    Cyber Threats and Advisories
    Critical Infrastructure Security and Resilience
    Election Security
    Emergency Communications
    Industrial Control Systems
    Information and Communications Technology Supply Chain Security
    Partnerships and Collaboration
    Physical Security
    Risk Management
    How can we help?
    GovernmentEducational InstitutionsIndustryState, Local, Tribal, and TerritorialIndividuals and FamiliesSmall and Medium BusinessesFind Help LocallyFaith-Based CommunityExecutivesHigh-Risk Communities
  • Spotlight
  • Resources & Tools
    All Resources & Tools
    Services
    Programs
    Resources
    Training
    Groups
  • News & Events
    News
    Events
    Cybersecurity Alerts & Advisories
    Directives
    Request a CISA Speaker
    Congressional Testimony
    CISA Conferences
    CISA Live!
  • Careers
    Benefits & Perks
    HireVue Applicant Reasonable Accommodations Process
    Hiring
    Resume & Application Tips
    Students & Recent Graduates
    Veteran and Military Spouses
    Work @ CISA
  • About
    Culture
    Divisions & Offices
    Regions
    Leadership
    Doing Business with CISA
    Site Links
    Reporting Employee and Contractor Misconduct
    CISA GitHub
    CISA Central
    2023 Year In Review
    Contact Us
    Subscribe

Free Cyber ServicesElection Threat Updates#protect2024Secure Our WorldShields UpReport A Cyber Issue

Breadcrumb
  1. Home
  2. Topics
  3. Cyber Threats and Advisories
Share:
Shields UP!

SHIELDS UP!

As the nation’s cyber defense agency, CISA stands ready to help organizations prepare for, respond to, and mitigate the impact of cyberattacks.

SHIELDS UP Campaign Logo
Report a Cyber Issue
Organizations should report anomalous cyber activity and or cyber incidents 24/7 to report@cisa.gov or 1-844-Say-CISA.

Guidance

CISA urges everyone to protect themselves online and adopt a heightened posture when it comes to cybersecurity. CISA offers the following guidance for individuals, organizations, and leadership to enhance online security.

Man showing elderly man how to use the computer

Shields Up: Guidance for Families

Every individual can take simple steps to improve their cyber hygiene and protect themselves online. Here are 4 things you can do to keep yourself cyber safe.
Business people reviewing work on a table

Shields Up: Guidance for Organizations

CISA recommends all organizations—regardless of size—adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets. Take these recommended actions.
A business CEO presenting from a screen

Shields Up: Guidance for Corporate Leaders and CEOs

Corporate leaders have an important role to play in ensuring that their organization adopts a heightened security posture. CISA urges all senior leaders, including CEOs, to take these steps.
Red skull against malicious code

Have you been affected by ransomware?

This checklist will take you through the response process from detection to containment and eradication.

Learn more

Quick Tips

As the nation’s cyber defense agency, CISA stands ready to help the nation prepare for, respond to, and mitigate the impact of cyber-attacks.

Icon with antivirus icon

Protect all devices with Antivirus

phone with text message

Enable multi-factor authentication

password icons

Choose strong passwords

Fish with hook

Avoid Phishing scams

Shopping icon

Shop at safe websites

Icon of URL

Check website URL

Privacy icon

Check your privacy settings

Icon for logging out

Remember to log off

Ransomware Response

Ransomware is a form of malware that encrypts files on device, rendering any files and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption. Ransomware incidents have become increasingly prevalent among the Nation’s state, local, tribal, and territorial (SLTT) government entities and critical infrastructure organizations.

Paying ransom will not ensure your data is decrypted or that your systems or data will no longer be compromised. CISA, MS-ISAC, and other federal law enforcement do not recommend paying ransom. In addition, attackers have begun following their ransom demands to decrypt the data with a follow-on extortion demand to keep data private.

Related Resources

Cybersecurity Advisories
  • IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors, Including U.S. Water and Wastewater Systems FacilitiesandCISA: Iran Cyber Threat Overview and Advisories
  • #StopRansomware: LockBit 3.0
  • Threat Actors Exploit Progress Telerik Vulnerability in U.S. Government IIS Server
  • CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks
  • Alert (AA22-011A) Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure
  • Russia Cyber Threat Overview and Advisories (Webpage)
  • CISA Insights: Implement Cybersecurity Measures Now to Protect Against Potential Critical Threats (pdf) 
  • CISA Insights: Preparing for and Mitigating Foreign Influence Operations Targeting Critical Infrastructure (pdf) 
  • Alert (AA22-057A) Destructive Malware Targeting Organizations in Ukraine
  • Alert (AA22-110A) Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure
  • Alert (AA22-076A) Strengthening Cybersecurity of SATCOM Network Providers and Customers
  • Tactics, Techniques, and Procedures of Indicted State-Sponsored Russian Cyber Actors Targeting the Energy Sector
  • Alert (AA22-074A) Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and ‘PrintNightmare’ Vulnerability
  • Alert (AA22-131A) Protecting Against Cyber Threats to Managed Service Providers and their Customers
  • Alert (AA22-117A) 2021 Top Routinely Exploited Vulnerabilities
  • Alert (AA22-216A) 2021 Top Malware Strains
  • Alert (AA22-265A) Control System Defense: Know the Opponent
  • Alert (AA22-137A) Weak Security Controls and Practices Routinely Exploited for Initial Access
Cyber Preparedness Resources
  • CISA Establishes Ransomware Vulnerability Warning Pilot Program
  • CISA, FBI, NSA, and International Partners Issue Advisory on Demonstrated Threats and Capabilities of Russian State-Sponsored and Cyber Criminal Actors
  • CISA/DOE Insights: Mitigating Attacks Against Uninterruptible Power Supply Devices
  • Updated: Conti Ransomware Cybersecurity Advisory
  • National Cyber Awareness System
  • New Federal Government Cybersecurity Incident and Vulnerability Response Playbooks
  • Cyber Essentials Toolkits
  • Cyber Resources
  • CISA Cybersecurity Awareness Program Toolkit

CISA Tools

View More Tools

Cyber Guidance for Small Businesses

Cyber incidents have surged among small businesses that often do not have the resources to defend against devastating attacks like ransomware. The security landscape has changed, and our advice needs to evolve with it.

Cyber Incident Resource Guide for Governors

PUBLICATION
The Cyber Incident Resource Guide for Governors provides information for governors and their staff on how to request federal support during or following a cyber incident.
Download File (PDF, 654.7 KB)
View More Tools

Foreign Influence Operations and Disinformation Resources

JULY 01, 2021 | PUBLICATION

War on Pineapple

This infographic, with a tongue-in-cheek approach to putting pineapple on pizza, looks at how foreign adversaries conduct malign information operations to inflame hot button issues in the United States.
Download File (PDF, 804.18 KB)
OCTOBER 18, 2022 | PUBLICATION

Tactics of Disinformation

Disinformation actors use a variety of tactics to influence others, stir them to action, and cause harm. Understanding these tactics can increase preparedness and promote resilience when faced with disinformation.
View Files

Executive Messages

Congress often asks CISA leadership and management to testify about the agency’s operations and activities related to cybersecurity. 

  • Statement by President Biden on our Nation's Cybersecurity
  • White House Fact Sheet: Act Now to Protect Against Potential Cyberattacks

UNITED STATES AND UKRAINE EXPAND COOPERATION ON CYBERSECURITY

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Ukrainian State Service of Special Communications and Information Protection of Ukraine (SSSCIP) signed a Memorandum of Cooperation (MOC) this week to strengthen collaboration on shared cybersecurity priorities.

View Press Release

Return to top
  • Topics
  • Spotlight
  • Resources & Tools
  • News & Events
  • Careers
  • About
Cybersecurity & Infrastructure Security Agency
  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
  • RSS
CISA Central 1-844-Say-CISA SayCISA@cisa.dhs.gov
DHS Seal
CISA.gov
An official website of the U.S. Department of Homeland Security
  • About CISA
  • Budget and Performance
  • DHS.gov
  • Equal Opportunity & Accessibility
  • FOIA Requests
  • No FEAR Act
  • Office of Inspector General
  • Privacy Policy
  • Subscribe
  • The White House
  • USA.gov
  • Website Feedback