Security News > 2023 > March > CISA now warns critical infrastructure of ransomware-vulnerable devices
Today, the U.S. Cybersecurity & Infrastructure Security Agency announced a new pilot program to help critical infrastructure entities protect their information systems from ransomware attacks.
"Through the Ransomware Vulnerability Warning Pilot, which started on January 30, 2023, CISA is undertaking a new effort to warn critical infrastructure entities that their systems have exposed vulnerabilities that may be exploited by ransomware threat actors," the cybersecurity agency said.
CISA's newly established Ransomware Vulnerability Warning Pilot program has two goals: to scan critical infrastructure entities' networks for Internet-exposed systems with vulnerabilities that ransomware attackers often exploit to breach networks and help vulnerable organizations fix the flaws before they get hacked.
This is part of a broader effort to fend off the escalating ransomware threat that started almost two years ago after a barrage of cyberattacks targeting critical infrastructure organizations and U.S. government agencies, starting with ransomware attacks that hit the networks of Colonial Pipeline, JBS Foods, and Kaseya.
Earlier that month, CISA launched a new partnership to protect U.S. critical infrastructure from ransomware and other cyber threats, known as the Joint Cyber Defense Collaborative.
CISA has also launched a dedicated portal to provide all the resources needed to prepare, defend against, and block ransomware attacks, including the tools needed to report ransomware incidents and request technical assistance.
News URL
Related news
- CISA confirms critical Cleo bug exploitation in ransomware attacks (source)
- CISA warns of critical Palo Alto Networks bug exploited in attacks (source)
- CISA Alerts to Active Exploitation of Critical Palo Alto Networks Vulnerability (source)
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
- CISA says BianLian ransomware now focuses only on data theft (source)
- CISA Urges Agencies to Patch Critical "Array Networks" Flaw Amid Active Attacks (source)
- Ransomware payments are now a critical business decision (source)
- CISA, FBI Issue Guidance for Securing Communications Infrastructure (source)
- New IOCONTROL malware used in critical infrastructure attacks (source)
- Iran-linked crew used custom 'cyberweapon' in US critical infrastructure attacks (source)