2021 Ransomware Case Study: Identifying High Priority Security Controls for Public Institutions
Three quarters of the way through 2021, malicious cyber actors appear to be taking full advantage of the world's rapid shift towards an even more internet-dependent society. In May, nationwide oil shortages, increased consumer fuel prices, and emergency declarations followed a ransomware incident that forced a major U.S. oil pipeline to shut down operations (The New York Times, 2021). In February, a U.S. public water treatment facility in Florida suffered an attack resulting in the unauthorized adjustment of water treatment chemicals, which nearly poisoned the public drinking water supply for 15,000 people (Tampa Bay Times, 2021). Attacks against vital U.S. public institutions, specifically utilities, K-12 schools, and municipalities, profoundly impact society (CISA, 2021). This whitepaper includes a case study analysis of three major 2021 ransomware attacks on public institutions to develop a prioritized defense guide based on the CIS Controls with the highest return on investment.
SANS-2021-ransomware-case-study-identifying-high-priority-security-controls-public-institutions (PDF, 4.80MB)
1 Dec 2021
