The US Cybersecurity and Infrastructure Security Agency (CISA) and the Joint Cyber Defense Collaborative (JCDC) have announced the new Pre-Ransomware Notification Initiative aimed at helping organizations reduce the damage from ransomware incidents.
“With pre-ransomware notifications, organizations can receive early warning and potentially evict threat actors before they can encrypt and hold critical data and systems for ransom. Using this proactive cyber defense capability, CISA has notified more than 60 entities of early-stage ransomware intrusions since January 2023, including critical infrastructure organizations in the Energy, Healthcare and Public Health, Water and Wastewater Systems sectors, as well as the education community,” CISA noted.
“We know that ransomware actors often take some time after gaining initial access to a target before encrypting or stealing information, a window of time that often lasts from hours to days. This window gives us time to warn organizations that ransomware actors have gained initial access to their networks. These early warnings can enable victims to safely evict the ransomware actors from their networks before the actors have a chance to encrypt and hold critical data and systems at ransom,” JCDC associate director, Clayton Romans, wrote a separate blog post.
Romans added that early warning notifications can significantly reduce potential loss of data, impact on operations, financial ramifications, and other detrimental consequences of ransomware deployment.