Ransomware Tabletop Exercise for Government Agencies

Ransomware is a form of malicious software (malware) that attacks computer systems, encrypts the victim’s files, and prevents the victim from accessing their data. Ransomware attacks on critical information technology systems can cause loss of service and productivity. State and local government agencies are especially vulnerable to attacks due to their limited access to resources and lower than standard industry pay which makes it difficult to recruit top talent. This project, submitted in partial fulfillment of the requirements for the degree Master of Science in Cybersecurity, examines the issue of ransomware attacks. Utilizing National Incident Management Systems protocols created by the Federal Emergency Management Agency for natural disaster responses, this project creates tabletop training exercises to be used by cybersecurity professionals and other government officials in order to prepare for and respond to these incidents. Trained facilitators will guide the participants through each exercise which concludes with a debriefing session. This project is designed to inform and educate those participants in order to prepare them for an actual event. This project includes a detailed description of how FEMA and NIMS operate in relation to disaster recovery and how that relates to designing a tabletop exercises geared towards responding to a ransomware attack. This project focus on ransomware attacks against state and local government agencies since this is a growing situation that they are facing. My goal with this project is to create a tabletop exercise for agencies to implement in their training programs to better prepare them for a ransomware attack on their agencies. These tabletops are designed to simulate an actual response to a ransomware attack and will help agencies develop an idea of how prepared they are for an attack and make a plan for one.