The FBI CJIS Security Policy requires agencies to employ virus protection mechanisms to protect against malicious code which could be used to compromise sensitive systems.
188.8.131.52 Malicious Code Protection states in part;
The agency shall employ virus protection mechanisms to detect and eradicate malicious code (e.g., viruses, worms, Trojan horses) at critical points throughout the network and on all workstations, servers and mobile computing devices on the network. The agency shall ensure malicious code protection is enabled on all of the aforementioned critical points and information systems and resident scanning is employed.
The DPS does not endorse specific products or vendors to fulfill this CJIS requirement. However, several news outlets have recently reported that FBI counterintelligence is advising portions of the private sector to move away from Kaspersky products. In addition, the General Services Administration (GSA) has removed Kaspersky Labs from its list of approved vendors over fears the Russian-owned cybersecurity company represents an undue risk to U.S. interests. These concerns have been focused primarily on the energy sector and those systems which support infrastructure. However, in light of these recent security concerns, DPS would encourage agencies subject to the CJIS security policy to consider finding alternatives to meet the requirements referencing Malicious Code Protection.
DPS encourages criminal justice agencies to exercise good judgement and practice sound risk management as it relates to securing the access to sensitive systems across the State of Texas and the Nation.
CryptoLocker ransomware has been prevalent throughout the world infecting computer systems. We are providing this Security Advisory to the Law Enforcement community to provide practical information to curtail and help dismantle this ransomware. The Decrypt CryptoLocker Ransomware link provides a possible solution to decrypt files encrypted by CryptoLocker and the Ransomware Tips link provides further resources.