U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

PUBLICATIONS

Data Integrity: Detecting and Responding to Ransomware and Other Destructive Events

Published

Author(s)

Jennifer L. Cawthra, Michael R. Ekstrom, Lauren N. Lusty, Julian T. Sexton, John E. Sweetnam

Abstract

Ransomware, destructive malware, insider threats, and even honest mistakes present an ongoing threat to organizations that manage data in various forms. Database records and structure, system files, configurations, user files, application code, and customer data are all potential targets of data corruption and destruction. A timely, accurate, and thorough detection and response to a loss of data integrity can save an organization time, money, and headaches. While human knowledge and expertise is an essential component of these tasks, the right tools and preparation are essential to minimizing downtime and losses due to  data integrity events. The NCCoE, in collaboration with members of the business community and vendors of  cybersecurity solutions, has built an example solution to address these data integrity challenges. This project details methods and potential tool sets that can detect, mitigate, and contain data integrity events in the components of an enterprise network. It also identifies tools and strategies to aid in a security team's response to such an event.
Citation
Special Publication (NIST SP) - 1800-26
Report Number
1800-26
NIST Pub Series
Special Publication (NIST SP)
Pub Type
NIST Pubs

Download Paper

DOI Link

Keywords

attack vector, data integrity, malicious actor, malware, malware detection, malware response, ransomware
Infrastructure, Information technology and Cybersecurity

Citation

Cawthra, J. , Ekstrom, M. , Lusty, L. , Sexton, J. and Sweetnam, J. (2020), Data Integrity: Detecting and Responding to Ransomware and Other Destructive Events, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.SP.1800-26 (Accessed November 18, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created December 7, 2020, Updated December 8, 2020