The Cybersecurity and Infrastructure Security Agency is encouraging organizations to participate in the Pre-Ransomware Notification Initiative, a campaign that leverages external reports of initial hacker infiltration in order to mitigate deeper network intrusions.

The initiative is a collaborative effort of the interagency Joint Ransomware Task Force to crack down on data encryption malware, according to Clayton Romans, associate director of CISA’s Joint Cyber Defense Collaborative.

The agency’s pre-ransomware notifications are obtained through tips from cyber threat intelligence companies, infrastructure providers, and the cybersecurity research community. JCDC then sends a field personnel to warn and guide the victim organization about the early-stage attack. In the event that their network has already been encrypted, JCDC assists the organization to minimize the impact of the intrusion.

Since the start of 2023, the agency has so far alerted 60 institutions and confirmed that many of them were able to remediate the attack before their data was encrypted or exfiltrated, Romans reported. The affected entities were from multiple sectors including education, energy, healthcare, and water/wastewater.

