Security News > 2023 > March > CISA now warns critical infrastructure of ransomware-vulnerable devices

Today, the U.S. Cybersecurity & Infrastructure Security Agency announced a new pilot program to help critical infrastructure entities protect their information systems from ransomware attacks.

"Through the Ransomware Vulnerability Warning Pilot, which started on January 30, 2023, CISA is undertaking a new effort to warn critical infrastructure entities that their systems have exposed vulnerabilities that may be exploited by ransomware threat actors," the cybersecurity agency said.

CISA's newly established Ransomware Vulnerability Warning Pilot program has two goals: to scan critical infrastructure entities' networks for Internet-exposed systems with vulnerabilities that ransomware attackers often exploit to breach networks and help vulnerable organizations fix the flaws before they get hacked.

This is part of a broader effort to fend off the escalating ransomware threat that started almost two years ago after a barrage of cyberattacks targeting critical infrastructure organizations and U.S. government agencies, starting with ransomware attacks that hit the networks of Colonial Pipeline, JBS Foods, and Kaseya.

Earlier that month, CISA launched a new partnership to protect U.S. critical infrastructure from ransomware and other cyber threats, known as the Joint Cyber Defense Collaborative.

CISA has also launched a dedicated portal to provide all the resources needed to prepare, defend against, and block ransomware attacks, including the tools needed to report ransomware incidents and request technical assistance.

News URL

https://www.bleepingcomputer.com/news/security/cisa-now-warns-critical-infrastructure-of-ransomware-vulnerable-devices/