The Cybersecurity and Infrastructure Security Agency has launched a pilot program authorized by the Cyber Incident Reporting for Critical Infrastructure Act of 2022 intended to help protect critical infrastructure organizations against ransomware threats.
CISA said Monday the Ransomware Vulnerability Warning Pilot program will use existing data sources, threat intelligence technologies and vulnerability identification services to detect information systems with internet-exposed security vulnerabilities.
“The RVWP will allow CISA to provide timely and actionable information that will directly reduce the prevalence of damaging ransomware incidents affecting American organizations,” said Eric Goldstein, executive assistant director for cybersecurity at CISA.
According to the agency, 93 organizations were identified as running instances of Microsoft Exchange Service with a ProxyNotShell vulnerability exploited by ransomware actors.
The Joint Ransomware Task Force, an interagency body jointly led by the FBI and CISA, will coordinate the RVWP efforts.
“We encourage every organization to urgently mitigate vulnerabilities identified by this program and adopt strong security measures consistent with the U.S. government’s guidance on StopRansomware.gov,” Goldstein said.