[CDP-development] CISA Announces Pre-Ransomware Notification Initiative

[Masse, Theresa]

FYSA



The Cybersecurity and Infrastructure Security Agency (CISA) announces today our latest effort to stop ransomware: Pre-Ransomware Notification Initiative<https://www.cisa.gov/news-events/news/getting-ahead-ransomware-epidemic-cisas-pre-ransomware-notifications-help-organizations-stop-attacks>. This initiative is already showing impact in actually reducing the harm from ransomware intrusions.



We know that ransomware actors often take some time after gaining initial access to a target before encrypting or stealing information, a window of time that often lasts between hours and days. This window gives CISA time to warn organizations that ransomware actors have gained initial access to their networks. These early warnings can enable victims to safely evict the ransomware actors from their networks before they have a chance to encrypt and hold critical data and systems at ransom.



Since the start of 2023, CISA has notified more than 60 entities across the energy, healthcare, water/wastewater, education, and other sectors about potential pre-ransomware intrusions, and has confirmed that many of them identified and remediated the intrusion before encryption or exfiltration occurred.



Read our blog<https://www.cisa.gov/news-events/news/getting-ahead-ransomware-epidemic-cisas-pre-ransomware-notifications-help-organizations-stop-attacks> written by Clayton Romans, Associate Director for Joint Cyber Defense Collaborative, for more details on how this initiative works.



To enable the broader cyber community to benefit from valuable threat intelligence, CISA urges organizations to report observed activity, including ransomware indicators of compromise (IOCs) and tactics, techniques and procedures (TTPs) to CISA or our federal law enforcement partners, including the U.S. Federal Bureau of Investigation (FBI) and the U.S. Secret Service. You can find information on reporting at stopransomware.gov.<https://www.cisa.gov/stopransomware/report-ransomware>



Theresa A. Masse
Cybersecurity State Coordinator/Advisor, Region 10 (Oregon)
Cybersecurity and Infrastructure Security Agency
Department of Homeland Security
Phone: (503) 930-5671
Email: theresa.masse at cisa.dhs.gov<mailto:theresa.masse at cisa.dhs.gov>

[cid:image001.png at 01D95D5F.D2A8BB90]




-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20230323/767871b9/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 16152 bytes
Desc: image001.png
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20230323/767871b9/attachment-0001.png>