Industry News

CISA Trials Ransomware Warning System for Critical Infrastructure Orgs

16 May 2023

An agency team will identify vulnerabilities being exploited by ransomware groups and alert organizations ahead of attacks, CISA says

An anti-ransomware project launched by the Cybersecurity and Infrastructure Security Agency (CISA) will proactively track common vulnerabilities being exploited by ransomware gangs, and alert exposed organizations to the risks to help them mitigate the threat before a cyberattack occurs.


The Ransomware Vulnerability Warning Pilot (RVWP) program started out by alerting 93 organizations open to the recent Microsoft Exchange Service "ProxyNotShell" vulnerability, which was under open attack by ransomware operators in the wild, the CISA announcement explained. The intention is for the RVWP to replicate the model on a larger scale and help critical infrastructure organizations stave off future ransomware attacks.


"Ransomware attacks continue to cause untenable levels of harm to organizations across the country, including target rich, resource poor entities like many school districts and hospitals," Eric Goldstein, executive assistant director for cybersecurity at CISA, said about the program in CISA's announcement. “The RVWP will allow CISA to provide timely and actionable information that will directly reduce the prevalence of damaging ransomware incidents affecting American organizations."