An agency team will identify vulnerabilities being exploited by ransomware groups and alert organizations ahead of attacks, CISA says.
An anti-ransomware project launched by the Cybersecurity and Infrastructure Security Agency (CISA) will proactively track common vulnerabilities being exploited by ransomware gangs, and alert exposed organizations to the risks to help them mitigate the threat before a cyberattack occurs.
The Ransomware Vulnerability Warning Pilot (RVWP) program started out by alerting 93 organizations open to the recent Microsoft Exchange Service "ProxyNotShell" vulnerability, which was under open attack by ransomware operators in the wild, the CISA announcement explained. The intention is for the RVWP to replicate the model on a larger scale and help critical infrastructure organizations stave off future ransomware attacks.
"Ransomware attacks continue to cause untenable levels of harm to organizations across the country, including target rich, resource poor entities like many school districts and hospitals," Eric Goldstein, executive assistant director for cybersecurity at CISA, said about the program in CISA's announcement. “The RVWP will allow CISA to provide timely and actionable information that will directly reduce the prevalence of damaging ransomware incidents affecting American organizations."
About the Author(s)
You May Also Like
Defending Against Today's Threat Landscape with MDR
April 18, 2024The fuel in the new AI race: Data
April 23, 2024Securing Code in the Age of AI
April 24, 2024Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024