CISA Creates Pilot Program to Warn Organizations With Ransomware Vulnerabilities
The Cybersecurity and Infrastructure Security Agency has established a pilot program to address rising ransomware attacks. CISA created the Ransomware Vulnerability Warning Pilot under the Cyber Incident Reporting for Critical Infrastructure Act through which organizations can receive early warnings about system vulnerabilities that make them prone to ransomware attacks.
Recently, over 90 organizations were informed of the ProxyNotShell vulnerability in Microsoft Exchange Service that is commonly exploited by ransomware actors, CISA said. The agency invites interested entities to join the program. Having knowledge of such vulnerabilities will allow organizations to be proactive in preventing ransomware incidents.
According to Eric Goldstein, executive assistant director for cybersecurity at CISA, ransomware attacks target various organizations in the U.S., including school districts and hospitals that have insufficient resources to defend their systems. With RVWP, American organizations will be provided with timely and actionable information, encouraging them to employ strong security measures to combat damaging ransomware incidents, Goldstein added.
The Joint Ransomware Task Force, an interagency body co-led by CISA and the FBI, is responsible for coordinating RVWP.
Tags: cybersecurity Cybersecurity and Infrastructure Security Agency Eric Goldstein ProxyNotShell Ransomware Vulnerability Warning Pilot