Case studies on America’s Ransomware Attack Preparedness

Cybersecurity becomes increasingly challenging as criminal tactics evolve and adapt. American companies are at the forefront as they race to strengthen network security in response to cyber threats. In 2021 the United States experienced the most ransomware threats at 421.5 million— a sharp increase from 2020.

To assist companies in preparing for and responding to cyberattacks, the U.S. Senate Committee on Homeland Security and Governmental Affairs (HSGAC) has released America’s Data Held Hostage: Case Studies in Ransomware Attacks on American Companies. This report highlights the experiences of three diverse companies in response to the Russian ransomware group REvil. Among the three are a Fortune 500 company, a global manufacturing company, and a smaller technology firm. Findings from these studies indicate the broad reach of cyber criminals and ransomware despite a variety of business models and number of employees.

The study finds phishing to be the most common initial breach of security among the three, showing that companies even with the most advanced cybersecurity protections often fall victim to cyberattacks. In addition, companies who maintained offline data backups, multifactor authentication practices, and detailed response plans were more likely to regain critical functions, without having to pay a ransom. These proactive measures, including reporting incidents, will provide more visibility to the Federal Government.

HSGAC recommends that the Cybersecurity and Infrastructure Security Agency (CISA) immediately share any reported cyberattack incidents with the FBI. CISA and the National Cyber Director must implement cyberattack reporting legislation, and work together with other appropriate agencies to minimize regional and national effects. The study also emphasizes that a close partnership between CISA, the National Cyber Director, and the FBI are crucial to investigation and providing technical assistance to victims.


For more information, check out HSDL’s Featured Topics on Cyber Crime & National Security, Cyber Infrastructure Protection, and Cyber Policy. Please note an HSDL login is required to view some of these resources.

Need help finding something? Ask one of our librarians for assistance!