The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Joint Cyber Defense Collaboration (JCDC) have announced a new initiative to help organizations quickly remediate vulnerabilities targeted by ransomware actors.
The Pre-Ransomware Notification Initiative provides businesses with early warning, allowing threat actors to encrypt their data and systems and eliminate them before a ransom is demanded.
“Using this proactive cyber defense capability, CISA has notified over 60 entities of early-stage ransomware intrusions since January 2023, including energy, healthcare, public health, This includes critical infrastructure organizations in the water and wastewater systems sector, and the educational community,” CISA wrote in a warning issued Thursday.
On the same day, JCDC Associate Director Clayton Romans wrote another blog post about the new initiative, highlighting its benefits to important organizations.
“Ransomware attackers often take some time between gaining initial access to a target and encrypting or stealing information. This time frame often lasts from several hours to several days. ,” explains Romans. “This period gives organizations time to warn that ransomware attackers have gained initial access to their networks.”
Romans added that early warning notification can significantly reduce the potential for data loss, as well as the operational impact, financial impact, and other negative impacts of a ransomware attack. rice field.
Regarding the new initiative, Avishai Avivi, CISO of cybersecurity firm SafeBreach, said the Biden administration’s push toward implementing the National Cybersecurity Strategy announced earlier this month is a meaningful signal. rice field.
Learn more about US strategy here: White House Launches National Cybersecurity Strategy
“This program addresses the strategic objectives listed in Pillar 2 of the National Strategy. [to help] “Increase the speed and scale of information sharing and victim notification.” […] To “fight cybercrime and defeat ransomware,” Avivi explained.
“As a first initiative, CISA will provide victim organizations with early warning and assistance to prevent or recover from ransomware attacks. We are also working on a second initiative to sabotage their ability to extort other organizations.”
Avivi added that it believes this type of collaboration will help organizations validate their security controls while making their security programs more resilient to these types of attacks.
