NIST project shows how to recover data after cyberattack

A new project from the National Cybersecurity Center of Excellence aims to help businesses protect their data after they’ve suffered an attack.

Outlined in a white paper released Tuesday, the NIST office partnered with the Financial Services Information Sharing and Analysis Center, known as FS-ISAC, to create case studies for how companies can prepare for and mitigate damage from various kinds of cyberattacks. The project will go on to explore methods for recovering operating systems, databases, user files, applications and system configurations.

“Ensuring data integrity is about mitigating business risk and maintaining consumer confidence,” John Carlson, FS-ISAC chief of staff, said in a release. “The FS-ISAC will continue working with the NCCoE, as well as industry and federal agencies, to identify solutions for reducing the impact of data integrity attacks, such as destructive malware.”

In the document, businesses are given examples of how to deal with ransomware attacks, data manipulation from insider threats, and malware that encrypts data, writes over original unencrypted content and then deletes the encryption keys.

The white paper, which is currently a draft, is part of a project developed out of a June NIST technical workshop and the White House’s Summit on Cybersecurity on Consumer Protection in February.

Feedback on the project will be used to craft a NIST cybersecurity practice guide, which will direct organizations on how to implement a cybersecurity reference design that allows for better data recovery.

Comments on the white paper can be submitted to NIST until Jan. 18, 2016.

Read the white paper below.