CISA Unveils Ransomware Notification Initiative

by admin 0 Comments

Security
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn

The US Cybersecurity and Infrastructure Security Agency (CISA) and the Joint Cyber Defense Collaborative (JCDC) have unveiled a new effort to aid organizations in quickly fixing vulnerabilities targeted by ransomware actors.

The Pre-Ransomware Notification Initiative provides businesses with early warnings, enabling them to potentially evict threat actors before they can encrypt data and systems for ransom.

“Using this proactive cyber defense capability, CISA has notified more than 60 entities of early-stage ransomware intrusions since January 2023, including critical infrastructure organizations in the energy, healthcare and public health, water and wastewater systems sectors, as well as the education community,” CISA wrote in an alert published on Thursday.

On the same day, JCDC associate director, Clayton Romans, wrote a separate blog post about the new initiative, highlighting its benefits for critical organizations.

“We know that ransomware actors often take some time after gaining initial access to a target before encrypting or stealing information, a window of time that often lasts from hours to days,” Romans explained. “This window gives us time to warn organizations that ransomware actors have gained initial access to their networks.”

Romans added that early warning notifications can significantly reduce the potential loss of data, as well as the impact on operations, financial ramifications and other negative consequences of ransomware attacks.

Commenting on the new initiative, Avishai Avivi, CISO of cybersecurity firm SafeBreach, said it is a meaningful signal that the Biden Administration is pushing towards implementing the National Cybersecurity Strategy published earlier this month.

Read more on the US strategy here: White House Launches National Cybersecurity Strategy

“This program addresses the strategic objectives listed under pillar two of the national strategy [to help] ‘increase the speed and scale of intelligence sharing and victim notification’ and […] to ‘counter cybercrime, defeat ransomware,’” Avivi explained.

“For the first initiative, CISA provides the victim organizations with early warning and assistance to prevent or recover from ransomware attacks. By doing this, CISA is also addressing the second initiative that removes the malicious actors’ reward structure and disrupts their ability to extort the victim organizations.”

Avivi added that SafeBreach believes this type of collaboration will enable organizations to validate their security controls while also enhancing the resilience of their security program to these types of attacks.

This article was originally published by Infosecurity-magazine.com. Read the original article here.
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn

Products You May Like

Articles You May Like

Palo Alto Networks Confirms New Zero-Day Being Exploited by Threat Actors
Pro-Russian Hacktivists Target South Korea as North Korea Joins Ukraine War
New Flaws in Citrix Virtual Apps Enable RCE Attacks via MSMQ Misconfiguration
Bitcoin Fog Founder Sentenced to 12 Years for Cryptocurrency Money Laundering
EU Ramps Up Cyber Resilience with Major Crisis Simulation Exercise

Leave a Reply

Your email address will not be published. Required fields are marked *