CISA exposes flaws and configs that ransomware groups employ

In an effort to assist critical infrastructure businesses in preventing ransomware gang attacks, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released more information on security flaws and configuration errors.

In January of this year, CISA stated that it would notify critical infrastructure organizations (CIOs) about ransomware-vulnerable devices found on their network. As part of this initiative, CISA provided this information.

Almost 800 susceptible systems with internet-accessible vulnerabilities that are often targeted by different ransomware activities have been found and shared by CISA’s RVWP since its debut.

“Ransomware has disrupted critical services, businesses, and communities worldwide and many of these incidents are perpetrated by ransomware actors using known common vulnerabilities and exposures (CVE) (i.e., vulnerabilities),” the cybersecurity agency in the United States said.

Nonetheless, a lot of businesses may not be aware that their network has a vulnerability that ransomware threat actors might exploit.

“This information is now available to all organizations in our known exploited vulnerabilities (KEV) catalog because we have included a column labeled ‘known to be used in ransomware campaigns.'” Additionally, CISA has created a companion list of known vulnerabilities and misconfigurations used in ransomware campaigns for a second new RVWP resource.”

Since then, the US cybersecurity organization has additionally introduced a specific web site called StopRansomware.gov. This portal acts as the focal point for CISA’s endeavor to supply defenders with all the information they need to anticipate and lessen ransomware assaults.